03-24-2010 09:53 AM
VPN Client versions tried 4.x and 5.x
VPN Endpoint Cisco 3005
Profile - Group Authentication / Transparent Tunneling TCP 10000
Works just fine on every network tested except one.
Wireshark packet capture during initial setup.
On working networks, DNS resolves, then an immediate SYN/SYN-ACK/ACK to TCP 10000, then IKE like it's supposed to.
On this one network, DNS resolves then a UDP to 62515 and no response from VPN concentrator. What I can't figure out is how the client is deciding to send TCP or UDP initially. I see no other traffic. Boggled right now.
Any help?
03-24-2010 11:01 AM
Is the client PC directly connected to the Internet or is there a router in front of it? If so, the router could be filtering that traffic. If not, it's possible the Service Provider could block ports other than HTTP, HTTPS, FTP, etc.
HTH
03-24-2010 11:21 AM
There is a Check Point firewall on this side. It is allowing all IP.
The thing I can't understand is how the client is determining to open up with a UDP 62515 packet on the non-working LAN and TCP 10000 over the aircard or at a hotel. It's only when the client starts by TCP to 10000 that VPN works.
I would expect that the client would behave the same way regardless of the media the network is connected to. That doesn't appear to be the case.
03-24-2010 11:40 AM
Here is some information on the use of UDP port 62515 by the VPN client. HTH
http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_qanda_item09186a0080094cf4.shtml