Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

VPN 3000 client sessions getting dropped

We have a VPN 3000 concentrator, and there are a group of users at a remote office behind a firewall(Sonicwall). Their computers have 192.168 addresses and are PATed to the firewall's outside address. When they connect to the concentrator(we're trying to use IPSec over TCP), after a certain amount of traffic passes through the VPN tunnel, their connection is dropped with an error 412.

I have talked to both Cisco and Sonicwall, and haven't had any luck in getting this resolved. Cisco suggested we enable NAT-T, but the clients don't even get a login when we have that enabled.

Has anyone seen this type of behavior, and if so, how did you resolve it? Thanks.

New Member

Re: VPN 3000 client sessions getting dropped

To use NAT-T you will have to open up UDP port 4500 on the Sonicwall firewall which isin front of the clients as well as on the firewall that you may havedeployed in front of the concentrator.

New Member

Re: VPN 3000 client sessions getting dropped

Ben did you get any answers on this problem? we are having the same issues plus when we try to connection to VPN we also get a security gateway time out on out public int. any help would be great. Or if we do get connected we disconnect after 10 -15 mins. then we have to wait 10-15 mins before we can re-connect.