Thank you Frog and Haroon.
Everything seems to be working fine now after i checked the "*IPSec over UDP
*" under Group > client config.
I am still trying to get Split Tunneling to work though... but not a big
deal for now. Another issue with CVPN 3030 I am having is that some users
can authenticate to Active Directory while others cannot, even though they
are in same forest, OU, etc.? Local authentication works without any
problem.
Thanks,
Haroon
On Sun, Oct 11, 2009 at 2:36 AM, Farrukh Haroon <farrukhharoon_at_gmail.com>wrote:
> First thing to check would be the VPN client, are both the
> encr/decr count(s) incrementing in the client's status tab? Also you have to
> checked the bytes sent/rcvd in the VPN concentrator's status tab for remote
> access VPNs (Administration >> Administer Sessions >> Remote Access
> Sessions).
>
> Did you follow the following procedure(s)?
>
>
> http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_example09186a00807f6e76.shtml
>
>
> http://www.cisco.com/en/US/products/hw/vpndevc/ps2284/products_configuration_example09186a00800949b4.shtml
>
> There could be a NAT device in the middle, try configuring NAT-T as
> described below:
>
>
> http://www.cisco.com/en/US/products/sw/secursw/ps2308/products_configuration_example09186a008010edf4.shtml
>
> Also did you allow this traffic on the "filter" applied on the
> conentrator's "Public" interface?
>
> Regards
>
> Farrukh
> On Wed, Oct 7, 2009 at 6:56 PM, Haroon <itguy.pro_at_gmail.com> wrote:
>
>> Hello Experts,
>>
>> Sorry about back to back OT posts but maybe I am too dumb for this crap
>> and
>> someone can help me with this.... I am trying to configure CVPN 3030
>> Concentrator to work with either Microsoft vpn client or Cisco VPN client
>> 5.0.03.
>>
>> I have configured two groups: 1) pptp to work with MS and 2) IPSecGroup to
>> work with the cisco vpn client. I cannot make any connection with ms vpn
>> client, however, I am able to authenticate with active directory and get
>> an
>> ip address from our internal dhcp server when I use cisco vpn client(ip
>> sec
>> group). After the connection is established, I cannot ping or browse any
>> servers behind the concentrator. I even tried different subnet dhcp range
>> and adding static routes on the concentrator and router behind it (local
>> LAN) but no go.
>>
>> I have tried following the cisco documents to the last letter, google
>> search
>> and I tried configuring it using my own understanding of this but no luck.
>> Is there some setting that I am missing in the concentrator? I don't care
>> which client I use (MS preferred) as long as concentrator can
>> intelligently
>> pass traffic through to the other side as it is with the 4 site to site
>> VPNs.
>>
>> regards,
>>
>> Haroon
>>
>>
>> Blogs and organic groups at http://www.ccie.net
>>
>> _______________________________________________________________________
>> Subscription information may be found at:
>> http://www.groupstudy.com/list/CCIELab.html
Blogs and organic groups at http://www.ccie.net
Received on Tue Oct 13 2009 - 12:51:03 ART
This archive was generated by hypermail 2.2.0 : Sun Nov 01 2009 - 07:50:59 ART