Re: Cisco VPN client connecting trough ISA 2004 - problem
- From: "Martin S." <smisik@xxxxxxxxx>
- Date: Sun, 23 Apr 2006 22:23:48 +0200
Hi Dan,
thanks for reply, that command should be used on client side or at PIX side
(I'm not familiar with cisco products)?
Martin
"Dan Williams" <DanWilliams@xxxxxxxxxxxxxxxxxxxxxxxxx> wrote in message
news:C044B867-41F8-418C-86E6-D6919AECF851@xxxxxxxxxxxxxxxx
Hi Martin,
We have this senario at our office and it works fine.
Clients are Cisco VPN 4.6 connecting to PIX IOS 6.3.
You need to make sure they are minimum IOS 6.3 and have the line:-
ISAKMP NAT-TRAVERSAL
The command is not supported in previous versions.
All of our clients without this configuration will not work from behind an
ISA server.
Regards
Dan
--
Dan Williams [MCSE]
Imex Technical Services
"Martin S." wrote:
Hello Henk,
thanks for reply, however I'm not sure if we understand each other.
My problem is that clients connectig from network behing ISA 2004 which i
s
doing (also) NAT to network with Cisco PIX 501 (as vpn gw) by using Cisco
VPN client.
1. When I connect from home with my laptop (win xp sp2) through my DSL
connection I can connect and work fine.
2. If I connect from office with same laptop, I can connect to that cisco
nw, but nothing else. Client is connected but I can not ping nor connect
to
any device on the remote network.
Any ideas?
Thanks,
Martin
"Henk Steunenberg (Ms)" <stjesp@xxxxxxxxxxx> wrote in message
news:uRCkW$XWGHA.5012@xxxxxxxxxxxxxxxxxxxxxxx
Hello,
http://support.microsoft.com/default.aspx?kbid=885407
By default, Windows XP SP2 no longer supports IPSec NAT-T security
associations to
servers that are located behind a network address translator.
Therefore,
if your
virtual private network (VPN) server is behind a network address
translator, by
default, a Windows XP SP2-based VPN client cannot make a Layer Two
Tunneling
Protocol with IPSec (L2TP/IPSec) connection to the VPN server. This
scenario
includes a VPN server that is running Microsoft Windows Server 2003.
regards,
Henk
"Martin S." <smisik@xxxxxxxxx> wrote in message
news:em7mBLwVGHA.3940@xxxxxxxxxxxxxxxxxxxxxxx
Hello,
I have problem with clients connecting with CIsco VPN client to
another
network. Our network is simple with ISA 2004 acting as gw and
firewall.
We have all outgoing traffic allowed except TCP port 25. However, when
users are connecting with Cisco VPN client to mentioned network they
are
able to connect succesfully but not to ping or connect to any device
on
that network. From other netwroks it's working ok with same cisco
client.
We use simple NAT, clients has 10.218.61.X adresses assigned by DHCP
and
ISA has one public adress assigned. Remote network uses 192.168.100.X
adresses. As I wrote, when I connect from outside of our network it's
working fine. I can connect to remote network, and work normaly. If I
connect from our company network, I can connect but nothing else. Does
anyone has any idea what it can cause? Thanks for replies.
Martin
.
- Follow-Ups:
- Re: Cisco VPN client connecting trough ISA 2004 - problem
- From: Dan Williams
- Re: Cisco VPN client connecting trough ISA 2004 - problem
- References:
- Cisco VPN client connecting trough ISA 2004 - problem
- From: Martin S.
- Re: Cisco VPN client connecting trough ISA 2004 - problem
- From: Henk Steunenberg \(Ms\)
- Re: Cisco VPN client connecting trough ISA 2004 - problem
- From: Martin S.
- Re: Cisco VPN client connecting trough ISA 2004 - problem
- From: Dan Williams
- Cisco VPN client connecting trough ISA 2004 - problem
- Prev by Date: Re: Certificate request problem
- Next by Date: Re: Cisco VPN client connecting trough ISA 2004 - problem
- Previous by thread: Re: Cisco VPN client connecting trough ISA 2004 - problem
- Next by thread: Re: Cisco VPN client connecting trough ISA 2004 - problem
- Index(es):
Relevant Pages
|
