03-14-2014 06:12 AM - edited 03-10-2019 09:32 PM
Mobile users (WinXP, WIN7) use VPN-Client (5.0.07.0410 and some earlier for WinXP) to access our headquarter on CISCO ASA5520, V8.2(3). At different internet access points (German DSL like unitymedia) I see a successfully authentication (CISCO ACS 4.2 with Database Group Mappings to our Windows AD) but the connection is not closed. The client don´t get any messages back and no pop-up appear for another authentication. We can repeat this process any time by clicking CONNECT again. On other internet access points (German Telecom or local provider) it works very well. Whats going wrong?
Thanks for any help.
03-16-2014 04:00 PM
since you see authentication being passed, I guess there is some issue with phase 2.
Can you run "debug crpto ipsec" and try to connect again.
Also provide me the o/p of
show crypto ipsec sa
show crypto isakmp sa
show run group-policy <group-policy-name>
show vpn session-db summary
Regards,
Jatin Katyal
**Do rate helpful posts**
03-26-2014 05:45 AM
Sorry for my late response but I was out of office due illness. In this time the problem was solved.
03-26-2014 07:18 AM
NP. Thanks for updating the thread.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide