Router & Cisco VPN Problem [Archive] - SpeedGuide.net Broadband Community



kirsch59
08-19-02, 03:07 PM
My OS is XP, router is DI-713p (DLINK) and ISP is SNET/SBC (DSL). I cannot connect to my work's VPN when I start the client (CISCO 3.5) software going through the DLINK router. If I disconnect the router and connect the DSL modem to the PC I can connect to my work's VPN with the Cisco software.

The router supports IPSec (NAT/PAT). Could it be a problem with the MTU size? What MTU size should the router, client software and XP's registry be set to?

Your help is appreciated.

Thanks,
Mark

mStorm
08-19-02, 10:29 PM
Howdy,

Obviously you've narrowed the problem down to your router. It sounds to me like it's some sort of firewalling/proxy feature preventing you from connecting to the VPN. NAT/PAT would definitely cause this problem if it were not set up correctly. Verify that NAT is implemented correctly.

If you can connect without the router, you shouldn't have any problems with the router in place as long as NAT is doing its job.

Check to see that all Protocol and Application port numbers can pass through the router.

Wish I could be of more help, but you'll figure it out :), Let me know.

-mStorm

twwabw
08-20-02, 04:48 AM
You need to allow inbound/outbound IP Type 50 (IPSec); inbound/outbound UDP Port 500 (IKE); and inbound/outbound port 10,000 if NAT is utilized. On the Cisco client configuration, under options, be sure to check the box for use if NAT is enabled.
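An added diagnostic sketch, not code from any poster in this thread: it classifies raw IPv4 packets into the three flows named in the post above and reports which ones appear in a LAN-side capture but not in a WAN-side capture of the router. It assumes the port 10,000 in the post is UDP; the function names and the sample packets are constructed for illustration.

```python
import struct

# Protocol and port numbers as named in the post above (10000 assumed to be UDP).
ESP_PROTO, UDP_PROTO = 50, 17
IKE_PORT, NAT_UDP_PORT = 500, 10000
VPN_FLOWS = {"esp", "ike", "ipsec-over-udp"}

def classify(packet: bytes) -> str:
    """Label one raw IPv4 packet with the VPN flow it belongs to."""
    if len(packet) < 20 or packet[0] >> 4 != 4:
        return "not-ipv4"
    ihl = (packet[0] & 0x0F) * 4              # header length in bytes
    if ihl < 20 or len(packet) < ihl:
        return "malformed"
    if struct.unpack_from("!H", packet, 6)[0] & 0x1FFF:
        return "fragment"                     # later fragments carry no UDP header
    proto = packet[9]
    if proto == ESP_PROTO:
        return "esp"
    if proto == UDP_PROTO and len(packet) >= ihl + 8:
        sport, dport = struct.unpack_from("!HH", packet, ihl)
        if IKE_PORT in (sport, dport):
            return "ike"
        if NAT_UDP_PORT in (sport, dport):
            return "ipsec-over-udp"
    return "other"

def dropped_by_router(lan_packets, wan_packets):
    """VPN flows seen on the LAN side that never show up on the WAN side."""
    lan = {classify(p) for p in lan_packets}
    wan = {classify(p) for p in wan_packets}
    return sorted((lan - wan) & VPN_FLOWS)

# Constructed sample packets (documentation addresses, checksum left at 0).
def ipv4(proto: int, payload: bytes) -> bytes:
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0, 64,
                      proto, 0, bytes([192, 0, 2, 1]), bytes([198, 51, 100, 1]))
    return hdr + payload

def udp(sport: int, dport: int, data: bytes = b"\x00" * 8) -> bytes:
    return ipv4(UDP_PROTO, struct.pack("!HHHH", sport, dport, 8 + len(data), 0) + data)

if __name__ == "__main__":
    lan = [udp(500, 500), udp(10000, 10000), ipv4(ESP_PROTO, b"\x00" * 16)]
    wan = [udp(500, 500)]                     # only IKE made it through
    print(dropped_by_router(lan, wan))
```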

kirsch59
08-20-02, 08:20 AM
I'm not a network/Cisco expert to say the least.

You mentioned "You need to allow inbound/outbound IP Type 50 (IPSec); inbound/outbound UDP Port 500 (IKE); and inbound/outbound port 10,000 if NAT is utilized."

We are running the Cisco VPN software on a PIX firewall. Are the IP Type 50, IKE and port 10,000 all defined in the PIX firewall software configuration?

The client software has Enabled Transparent Tunneling and Allow IPSec over UDP (NAT/PAT) checked.

The option Use IPSec over TCP (NAT/PAT/Firewall) TCP Port 10000 is not checked.

Thanks for your help.

twwabw
08-20-02, 09:25 AM
I'm no Cisco PIX expert either! But, I have set up these VPN clients before. This is just the way I've always (usually!!!) been able to set them up. Can't tell you about the PIX hardware setup end. I guess I was assuming that was already set up and running. I'm only referring to your Client setup, and router.

slacker361
08-22-02, 07:05 PM
WOW, does this sound familiar, almost. I connect via the dlink 713p and had the problem until, in the wireless card on the PC, I put in the VPN domain (I think that is what I did; it's been a while ago, but it might give you a place to start).