Re: Cisco VPN client connecting through ISA 2004 - problem



Hi Martin,

We have this scenario at our office and it works fine.
Clients are Cisco VPN 4.6 connecting to PIX IOS 6.3.
You need to make sure they are minimum IOS 6.3 and have the line:-

ISAKMP NAT-TRAVERSAL

The command is not supported in previous versions.
All of our clients without this configuration will not work from behind an
ISA server.

Regards

Dan

--
Dan Williams [MCSE]
Imex Technical Services


"Martin S." wrote:

Hello Henk,

thanks for reply, however I'm not sure if we understand each other.

My problem is that clients connecting from network behind ISA 2004 which is
doing (also) NAT to network with Cisco PIX 501 (as vpn gw) by using Cisco
VPN client.

1. When I connect from home with my laptop (win xp sp2) through my DSL
connection I can connect and work fine.

2. If I connect from office with same laptop, I can connect to that cisco
nw, but nothing else. Client is connected but I can not ping nor connect to
any device on the remote network.

Any ideas?

Thanks,
Martin


"Henk Steunenberg (Ms)" <stjesp@xxxxxxxxxxx> wrote in message
news:uRCkW$XWGHA.5012@xxxxxxxxxxxxxxxxxxxxxxx
Hello,

http://support.microsoft.com/default.aspx?kbid=885407

By default, Windows XP SP2 no longer supports IPSec NAT-T security
associations to servers that are located behind a network address
translator. Therefore, if your virtual private network (VPN) server is
behind a network address translator, by default, a Windows XP SP2-based
VPN client cannot make a Layer Two Tunneling Protocol with IPSec
(L2TP/IPSec) connection to the VPN server. This scenario includes a VPN
server that is running Microsoft Windows Server 2003.

regards,

Henk


"Martin S." <smisik@xxxxxxxxx> wrote in message
news:em7mBLwVGHA.3940@xxxxxxxxxxxxxxxxxxxxxxx
Hello,

I have problem with clients connecting with Cisco VPN client to another
network. Our network is simple with ISA 2004 acting as gw and firewall.
We have all outgoing traffic allowed except TCP port 25. However, when
users are connecting with Cisco VPN client to mentioned network they are
able to connect successfully but not to ping or connect to any device on
that network. From other networks it's working ok with same cisco client.
We use simple NAT, clients have 10.218.61.X addresses assigned by DHCP and
ISA has one public address assigned. Remote network uses 192.168.100.X
addresses. As I wrote, when I connect from outside of our network it's
working fine. I can connect to remote network, and work normally. If I
connect from our company network, I can connect but nothing else. Does
anyone have any idea what it can cause? Thanks for replies.

Martin





