RE: VPN Concentrator with VPN Clients

Haroon,

I can't comment much on the pptp connection, but with the VPN client, what are
you seeing in the statistics and secured routes page? How about on the
concentrator, you should see some client statistics there that would indicate
if you're seeing two-way traffic. Basically I think you should check out the
logs some more.

-ryan

From: Haroon [mailto:itguy.pro_at_gmail.com]
Sent: Wednesday, October 07, 2009 12:23 PM
To: Ryan West
Cc: Cisco certification
Subject: Re: VPN Concentrator with VPN Clients

Hi Ryan,

Thanks. The concentrator has one interface in the internal LAN (192.168.1.5)
and other one is public... I did try different subnet pool on the concentrator
and statically route from the internal LAN gateway (192.168.1.1) to
concentrator and back but that didn't work either.

I even tried adding static routes on windows XP machine that I am using to
test, still nothing.

regards,

haroon
On Wed, Oct 7, 2009 at 12:02 PM, Ryan West
<rwest_at_zyedge.com<mailto:rwest_at_zyedge.com>> wrote:
Haroon,

The concentrator usually does RRI. I wasn't really sure, but you did say that
you tried assigning a local pool and statically routing that network from your
router to your concentrator? If the concentrator is on a logically separate
network than what your DHCP is assigning and that network is local to the
router or the clients, you can see the routing issue there. If you want to
use it in that manner, the concentrator would need to sit on your internal
network.

-ryan

-----Original Message-----
From: nobody_at_groupstudy.com<mailto:nobody_at_groupstudy.com>
[mailto:nobody_at_groupstudy.com<mailto:nobody_at_groupstudy.com>] On Behalf Of
Haroon
Sent: Wednesday, October 07, 2009 11:56 AM
To: Cisco certification
Subject: OT: VPN Concentrator with VPN Clients

Hello Experts,

Sorry about back to back OT posts but maybe I am too dumb for this crap and
someone can help me with this.... I am trying to configure CVPN 3030
Concentrator to work with either Microsoft vpn client or Cisco VPN client
5.0.03.

I have configured two groups: 1) pptp to work with MS and 2) IPSecGroup to
work with the cisco vpn client. I cannot make any connection with ms vpn
client, however, I am able to authenticate with active directory and get an
ip address from our internal dhcp server when I use cisco vpn client(ip sec
group). After the connection is established, I cannot ping or browse any
servers behind the concentrator. I even tried different subnet dhcp range
and adding static routes on the concentrator and router behind it (local
LAN) but no go.

I have tried following the cisco documents to the last letter, google search
and I tried configuring it using my own understanding of this but no luck.
Is there some setting that I am missing in the concentrator? I don't care
which client I use (MS preferred) as long as concentrator can intelligently
pass traffic through to the other side as it is with the 4 site to site
VPNs.

regards,

Haroon

Blogs and organic groups at http://www.ccie.net<http://www.ccie.net/>
Received on Wed Oct 07 2009 - 12:53:39 ART