Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Problems after upgrade to the latest VPN client 4.x and 5.x leaves

Hi, after upgrading to the latest version of the VPN software, some of my clients who use either a Linksys, D-Link or Bell speedtream 6520 router, can no longer connect or get disconnected after a short perioed of time. Anyone else have issues or know what we can check? MTU size??? FYI, they all worked fine with the previous version of the client.

7 REPLIES
Silver

Re: Problems after upgrade to the latest VPN client 4.x and 5.x

This sounds like the "failing to learn DNS info" issue. I think if you manually set DNS servers instead of learning them from DHCP, this problem would occur. Make sure you enable DNS in the network control panel TCPIP bindings. Another problem could be with the MTU size but since it is with various platforms I think this may not be the issue. However check by lowering the MTU size.

New Member

Re: Problems after upgrade to the latest VPN client 4.x and 5.x

Do you have the ISAKMP nat traversal enabled and also the ISAKMP keepalive?

It could be that the spontaneous disconnect has to do with a nat-translation that gets lost..

New Member

Re: Problems after upgrade to the latest VPN client 4.x and 5.x

Had a similar problem as the individual above: I could take a laptop and connect for hours at some places, but other places would only stay connected for a few minutes before disconnecting. It was probably the issue of whether I was going through a NAT box or not (or more likely, which NAT box I was traversing and how well it handled it).

Following your suggestion, turning on the ISAKMP nat traversal/keep-alive has seemed to fix the problem for me so far. Although I have not put it through extensive testing yet; but so far so good.

Thanks.

New Member

Re: Problems after upgrade to the latest VPN client 4.x and 5.x

Hi Willie, can you give me more information on the command you applied? Just to update, I am running a VPN blade in a 6500 switch and all my clients terminate there. There is a "crypto isakmp nat keepalive" command I can apply but that is a global command and will affect everyone.

New Member

Re: Problems after upgrade to the latest VPN client 4.x and 5.x

The command which enabled nat-traversal with a 20 second keep alive for me:

isakmp nat-traversal 20

I am running a PIX 506e firewall.

As far as I know (which isn't much), it does have to enable it for all your clients, but I don't have any reports of it breaking clients that previously worked. Perhaps someone a little more knowledgeable can comment in that regard.

New Member

Re: Problems after upgrade to the latest VPN client 4.x and 5.x

Thanks for your speady reply. Hopefully someone will be able to answer me about the 6500 commands.

New Member

Re: Problems after upgrade to the latest VPN client 4.x and 5.x

Hi, no, I do not have it enabled. I am running a VPN blade on a 6500 switch where all my clients terminate.

203
Views
0
Helpful
7
Replies