Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
250
Views
10
Helpful
1
Replies

VPN Clients can not access servers when Site-to-Site VPN connects first.

rpcope
Level 1
Level 1

‎11-22-2006 10:37 AM

I have a PIX (7.01) with a site to site VPN linked to another offsite PIX this seems to work fine. I have Cisco VPN client (4.8) on some sales persons PCs connecting to the first PIX so they can connect to an exchange server.

Both types of VPN were set up with the VPN Wizard and both work fine independently.

However if the site to site VPN is connected first the subsequent VPN client connections can not find the Exchange server. They connect and authenticate correctly, I see bytes Rx in the VPN session from ASDM (5.01) but no Tx data. If I force a log out of the site-to-site VPN the clients will start to send and receive data.

The site-to-site can then reconnect and the traffic continues to flow to the clients. However if another client attempts to connect, that client then has to wait until the site-to-site times out or is manually logged off.

It seems like a routing table issue to me since I am not that acquainted with the PIX yet, I'm not sure where to look. Can anyone help?

Thanks!

Labels:
0 Helpful
1 Reply 1

zubairjalal
Level 1
Level 1

‎11-22-2006 12:27 PM

Hi.

I have the exact document for you. It describes almost the same problem faced by you.I am attaching it.

--Pls rate if it helps--

Preview file
47 KB
Customers Also Viewed These Support Documents