We have a VPN 3005 Concentrator. The user is running VPN client 5.0.03.0560. The user was able to login to Cisco VPN client successfully. However, he cannot access the share drive or the Mainframe. When he tried to open the share drive (ip address\share name), it said network path not found. If I login as him from my home, I was able to access the share drive and the Mainframe. Do you have any suggestions?
I've never really dealt with a 3005 but, my first thought would be to have the user try and ping some resources on the network. If that's successful have them try to ping with -f -l options to see what the MTU is.
In most of the situations I've encountered 1300 works fine. To adjust it go to Start>All Programs>Cisco Systems VPN Client>Set MTU then adjust the interface being used.
Hope this helps,
No ICMP of any kind huh? Since that's the case I would try running a couple commands from the computer having issues. I woulds start with 'ipconfig /all' just to make sure the client has an IP from the VPN. Then I would try a 'route print' to make sure the client is receiving routes to the VPN network. If you have a valid IP and there are routes for your private network then it sounds like it should be working. Which kind of leads me back to MTU, but I'm not really sure how to test that without the use of ICMP.
Hope this helps,
Thanks for your prompt response, again.
I will try your suggestions next week (user is on vacation). The workstation has a public IP address. The gateway has a public IP address. The DNS and DHCP servers have a private IP address. The VPN is setup for Split-tunneling. The user was able to get on the internet when connecting through VPN. The workstation is running MCAfee software and no other firewall software. This particular version of MCAfee has the virus scan, firewall, spy ware, etc. features. Do you have any other suggestions besides what you already mentioned? Thanks.
No problem Laura.
Another couple ideas would be to do an nslookup and see if the host is able to pass DNS queries through the tunnel to the private DNS server, and maybe have the user try a remote desktop connection to a pc on the internal network...?
I'm not too familiar with the Mcafee firewall but that would probably be the next thing to inspect.
Hope you get things figured out!