• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Cisco VPN client and ISA

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2000 Firewall] >> VPN >> Cisco VPN client and ISA Page: [1]
Login
Message << Older Topic   Newer Topic >>
Cisco VPN client and ISA - 20.Mar.2002 11:39:00 PM   
Kemi

 

Posts: 10
Joined: 19.Jun.2001
From: Vienna, VA USA
Status: offline
hi,
I need some help with the Cisco VPN client. We have a customer site that we need to get connectivity to and they are having us connect using the Cisco VPN client (version 3.5) on Windows 2000 Pro. We have been able to successfully connect when we are outside the LAN. However, the ISA server is blocking something when we try to connect from inside the LAN. Can anyone give me any detailed instructions on what ports to open etc? Or can anyone point me towards some good documentation? I looked all over Cisco's website and looked here and on microsoft but I am new at this so I am a bit confused. I keep getting "remote peer is no longer responding" and "remote peer terminated the connection" errors. I tried

Thanks,
Kemi
Post #: 1
RE: Cisco VPN client and ISA - 20.Mar.2002 11:56:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi Kemi,

check out http://www.isaserver.org/cgi-bin/ultimatebb.cgi?ubb=get_topic;f=13;t=000495

Hope this helps,
Stefaan.

(in reply to Kemi)
Post #: 2
RE: Cisco VPN client and ISA - 21.Mar.2002 3:46:00 PM   
Kemi

 

Posts: 10
Joined: 19.Jun.2001
From: Vienna, VA USA
Status: offline
Thanks, that did help!
I was missing the rule for port 10000 and I had to disable the FW client.

Kemi

(in reply to Kemi)
Post #: 3
RE: Cisco VPN client and ISA - 21.Mar.2002 5:13:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi Kemi,

many thanks for the followup, because many people doesn't seems to get this configuration right.

Regards,
Stefaan

(in reply to Kemi)
Post #: 4
RE: Cisco VPN client and ISA - 24.Mar.2002 7:39:00 AM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hey guys,

Interesting that the Firewall client had to be disabled. Since UDP is being used, it would make sense that the FW client is picking up the packets. But what is it that the FW client does with the UDP messages that breaks the link?

Thanks!

Tom

(in reply to Kemi)
Post #: 5
RE: Cisco VPN client and ISA - 24.Mar.2002 2:54:00 PM   
spouseele

 

Posts: 12830
Joined: 1.Jun.2001
From: Belgium
Status: offline
Hi Tom,

very good question! It's a pitty I cann't test it myself [Frown]

Maybe it has something todo with how the IPSec client is hooked into the TCP/IP stack. I think it is *not* at the WinSock level, but more likely at the NDIS level as a pseudo NDIS driver. However, the firewall client is working at the WinSock level. So, if he intercept the packets, they will never hit the proper NDIS driver. Just a guess... [Smile]

Regards,
Stefaan

(in reply to Kemi)
Post #: 6

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2000 Firewall] >> VPN >> Cisco VPN client and ISA Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts