• RSS
  • Twitter
  • FaceBook

Welcome to ISAserver.org

Forums | Register | Login | My Profile | Inbox | RSS RSS icon | My Subscription | My Forums | Address Book | Member List | Search | FAQ | Ticket List | Log Out

Cisco VPN client

Users viewing this topic: none

Logged in as: Guest
  Printable Version
All Forums >> [ISA Server 2004 General ] >> General >> Cisco VPN client Page: [1]
Login
Message << Older Topic   Newer Topic >>
Cisco VPN client - 26.Nov.2004 12:19:00 PM   
primozk

 

Posts: 5
Joined: 11.Feb.2003
Status: offline
I used ISA 2004 beta without any problems on the thest machine. Since the beta expired I installed the ISA 2004 standard version. I could not transport the configuration to the new server so I crteated it again. Mistake. My Cisco VPN clients can not connect to our customer network trough the ISA anymore. I created a access rule to allow all outbound trafic for the comuputers that needs to use Cisco VPN clients but they still cant connect. Any clues?

This is what I found in monitor log:
Transport Bidirectional Source Port Result Code Rule Destination IP Destination Port Protocol Action Client IP
TCP No 3247 0x0 AllowAll yyy.xx.226.96 10000 Unidentified IP Traffic Initiated Connection 192.168.1.42
UDP Yes 1026 0x0 AllowAll yyy.aaa.198.50 53 DNS Initiated Connection 192.168.1.42
TCP No 3247 0x80004005 AllowAll yyy.xx.226.96 10000 Unidentified IP Traffic Closed Connection 192.168.1.42

Thanks for an info,

Primoz
Post #: 1
RE: Cisco VPN client - 27.Nov.2004 4:32:00 PM   
tshinder

 

Posts: 50013
Joined: 10.Jan.2001
From: Texas
Status: offline
Hi Primoz,

Why are the clients using TCP? Reconfigure the clients and the VPN server to use UDP.

HTH,
Tom

(in reply to primozk)
Post #: 2
RE: Cisco VPN client - 29.Nov.2004 10:35:00 AM   
primozk

 

Posts: 5
Joined: 11.Feb.2003
Status: offline
I can not reconfigure the clients or the server. The administrators on the other side dont want to hear about it. So I am stuck with this configuration. Any idea what else to try?

Thx,

Primoz

quote:
Originally posted by tshinder:
Hi Primoz,

Why are the clients using TCP? Reconfigure the clients and the VPN server to use UDP.

HTH,
Tom


(in reply to primozk)
Post #: 3
RE: Cisco VPN client - 29.Nov.2004 12:33:00 PM   
awj

 

Posts: 107
Joined: 26.Feb.2004
From: UK
Status: offline
May have nothing to do with it but i found the Cisco VPN stuff only worked when the Default Gateway was the Firewall's internal ip address. Not sure if this is your problem but just in case.

PS To do a quick test that your rules are not the problem allow all traffic out from a test machine then try the VPN out and see if it works. If it does you have a mistake in your rules.

(in reply to primozk)
Post #: 4
RE: Cisco VPN client - 29.Nov.2004 1:41:00 PM   
primozk

 

Posts: 5
Joined: 11.Feb.2003
Status: offline
Acording to you I have a mistake in my rules? Default rule is deny everything. Then follows AloowDNS and InternetAccess (http & https). After that I have published a few web server. After that I have configured a rule for test machine to allow all outbound trafic from it to the external network? Am I missing something?

quote:
Originally posted by AWJ:
To do a quick test that your rules are not the problem allow all traffic out from a test machine then try the VPN out and see if it works. If it does you have a mistake in your rules.


(in reply to primozk)
Post #: 5
RE: Cisco VPN client - 30.Nov.2004 10:52:00 AM   
primozk

 

Posts: 5
Joined: 11.Feb.2003
Status: offline
Now I only have two rules.

Unlimited internet access - allow - all oputbound protocols - Eternal
Last default rule - Deny all protocols - all networks

The Cisco VPN client is still not working. Anybody knows what else to try?

Thx,

Primoz

(in reply to primozk)
Post #: 6

Page:   [1] << Older Topic    Newer Topic >>
All Forums >> [ISA Server 2004 General ] >> General >> Cisco VPN client Page: [1]
Jump to:

New Messages No New Messages
Hot Topic w/ New Messages Hot Topic w/o New Messages
Locked w/ New Messages Locked w/o New Messages
 Post New Thread
 Reply to Message
 Post New Poll
 Submit Vote
 Delete My Own Post
 Delete My Own Thread
 Rate Posts