Cisco Support Community
New Member

VPN Client get connected but no communication after that

Hello,

We have a VPN Concentrator 3000 that is directly connected to the Internet. One of our users, dialing in from a remote site, is able to get connected and authenticated using the Cisco VPN Client version 4.6 (he also gets the assigned IP address); however, he is unable to exchange any data with the network. The VPN concentrator log shows 0 received and 0 transmitted. The client is behind a Cisco firewall. Does he need to open up any port to successfully exchange data?

3 REPLIES

Re: VPN Client get connected but no communication after that

You can try configuring this on the PIX:

sysopt connection permit-ipsec

I hope it helps ... please rate it if it does !!!

Re: VPN Client get connected but no communication after that

Haa .. one more thing ... make sure the VPN group configured on the VPN concentrator allows NAT-T, which is needed when the client is behind a network device that is doing NAT. Check the IPsec properties.

Cisco Employee

Re: VPN Client get connected but no communication after that

At first glance it looks like a NAT-T problem.

You need to turn on NAT-T in the concentrator. I forgot where you will find that in the menu.

You can also enable IPsec passthrough on the Cisco FW (PIX?):

fixup protocol esp-ike

esp-ike

(From the command ref)

Enables PAT for Encapsulating Security Payload (ESP), single tunnel.

This will only let one user connect and transfer traffic from behind the PIX. As soon as another user connects from behind the PIX, the first user will be kicked out.

For a complete solution, enable NAT-T or use IPsec over TCP.

-Vikas
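
The symptom discussed in this thread (tunnel authenticates, but the concentrator counts 0 bytes) can be confirmed from a packet capture. The following is an added example, not code from any poster in the thread: it classifies raw IPv4 packets as IKE, native ESP (IP protocol 50) or NAT-T's ESP-in-UDP on port 4500 (RFC 3948). It assumes the capture was taken on the Internet side of the firewall with link-layer headers stripped; all function names and sample packets are constructed for illustration, and IPsec over TCP is not covered.

```python
import struct

IKE_PORT, NATT_PORT = 500, 4500      # IKE and NAT-T (RFC 3947/3948) UDP ports
PROTO_UDP, PROTO_ESP = 17, 50        # IP protocol numbers

def classify(pkt: bytes) -> str:
    """Classify one raw IPv4 packet captured outside the NAT/PAT device."""
    if len(pkt) < 20 or pkt[0] >> 4 != 4:
        return "other"
    ihl, proto = (pkt[0] & 0x0F) * 4, pkt[9]
    if proto == PROTO_ESP:
        return "native-esp"          # no ports, so PAT can track one tunnel at most
    if proto != PROTO_UDP or len(pkt) < ihl + 8:
        return "other"
    sport, dport, ulen = struct.unpack("!HHH", pkt[ihl:ihl + 6])
    data = pkt[ihl + 8:ihl + ulen]
    if NATT_PORT in (sport, dport):
        if data == b"\xff":
            return "natt-keepalive"  # one-byte NAT keepalive
        if data[:4] == b"\x00" * 4:
            return "ike"             # non-ESP marker, then the IKE header
        return "esp-in-udp" if len(data) >= 8 else "other"
    return "ike" if IKE_PORT in (sport, dport) else "other"

def diagnose(packets) -> str:
    """Summarise a capture of one client's traffic."""
    kinds = {classify(p) for p in packets}
    if "esp-in-udp" in kinds:
        return "nat-t-active"        # data travels as UDP/4500, NAT-friendly
    if "native-esp" in kinds:
        return "native-esp-only"     # works for a single client behind PAT
    if "ike" in kinds:
        return "ike-without-data"    # connected, but 0 bytes at the far end
    return "no-ipsec"

# Constructed sample packets (documentation addresses, dummy payloads).
def ip_packet(proto, payload):
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                       proto, 0, bytes([192, 0, 2, 10]), bytes([198, 51, 100, 1])) + payload

def udp_packet(sport, dport, data):
    return ip_packet(PROTO_UDP, struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data)

IKE = udp_packet(500, 500, b"\x11" * 28)
ESP_UDP = udp_packet(4500, 4500, struct.pack("!II", 0x1234ABCD, 1) + b"\x00" * 16)
ESP_RAW = ip_packet(PROTO_ESP, struct.pack("!II", 0x1234ABCD, 1) + b"\x00" * 16)

if __name__ == "__main__":
    for name, cap in [("blocked", [IKE]), ("nat-t", [IKE, ESP_UDP]), ("esp", [IKE, ESP_RAW])]:
        print(name, "->", diagnose(cap))
```

A result of `ike-without-data` matches the original question: IKE on UDP 500 gets through the firewall, but no ESP or UDP/4500 data packets ever leave it.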
