VPN doesn't work after succesful authentication [Archive] - SpeedGuide.net Broadband Community
PDA

View Full Version : VPN doesn't work after succesful authentication

olaf
01-30-03, 10:29 AM
I am using an E-tech ADSL modem with Cisco client software (3.6.3).
After succesfull authentication i can't do anything.
Ping, telnet, contact exchange server it doesn't work.
If i use an oldfashioned modem (v90) it all works.
What could be the problem?
cyberskye
01-31-03, 01:12 PM
Dial up vs. vpn: you are probably connecting to two completely different devices. But this does confirm that you have credentials on the network.

Have you contacted your network administrator? A lot of things could cause the symptoms you describe
olaf
02-02-03, 06:31 AM
I found a work around.
I installed winroute (a software router)
i approved all incoming and outgoing IP requests and UDP
requests and now it works.
It still puzzles me why ???
Bouncer
02-03-03, 08:34 AM
Could be a couple of things, including the following:

You have routes in place to reach the internet etc. When you activate the VPN, it creates the tunnel, but your routing tables are still pointing out your local interface. You need to tell your system to route via the VPN tunnel.

Regards,
-Bouncer-
twwabw
02-04-03, 03:46 AM
Many of the SOHO routers have problems with VPN clients. Usually has to do with the client and NAT pass through. The client authenticates phase 1 and Phase 2 because they are outbound initiated, but then on the return leg of the 2nd phase, it can't transverse NAT to know where you are on the other side of the firewall. Your Winroute solution is a proxy, and you have effectively turned it off by allowing all inbound and outbound traffic.

There is a setting in the Cisco 3.x client called "Allow IPsec through NAT mode". This parameter must be enabled if NAT is used. Also, you may also have to assign your PC a static IP inside the lan, and set up port forwarding on the router. You will likely need to forward Inbound/Outbound for UDP port 500 to IP address of your VPN server; Inbound/Outbound for UDP port 10,000 to the same server; and Inbound/Outbound for IP type 50 (ESP) to the same server if your router does not support IPsec pass through.



Or.... buy a router that will support the client. Most of the Linksys routers do it very well, albeit only w/current firmware for some models.