Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Question of convenience: is it fairly safe to permit outbound ports 500, 50 and 10000 to any outside address for VPN connections without compromising security?Tired of setting up inside-to-outside statics on my firewall for every VPN session that re...
I have a 3002 tunnel to a 3015. Behind the 3002 is a Cisco router with NTP setup on it. No NTP traffic appears to be traversing the tunnel, there are no filters on the tunnel prevent NTP (123) traffic.Is there something in the 3015 that has to be s...
any reason why this only works with a pre-shared key configuration and not certificate based connections. I cannot find any docs that say you must upgrade the concentrator to 4.0 before running the 4.0 client.
Cisco VPN 3015 running 3.6.5.Rel.3.6.2B Clients connecting with preshared key config.I get this working from many locations except one. Remote location continually gets Duplicate first packet detected! in the 3015 logs. After numerous tries the cli...
We have a VPN3015 running 3.6.5. The new client v4.0 works fine with preshared key connections but fails with certificate based users.Does anyone know if you can run client v4.0 with a certificate based auth and xauth to a concentrator running 3.6....
strangely enough it seems to be working now. I am not sure if i had a zonealarm issue or the fact that a nortel client is on the workstation as well.it will be a huge bonus if the cisco v4.0 works while a nortel client is on the same pc. v3.6.3 doe...
Thanks for the reply. I am suspecting the ISP totally. We have created a true NAT 1-to-1 Internal IP to External IP address at the ISP and this seems to have resolved the problem somewhat. End user still has difficulty connecting on a consistent b...
Thanks for the reply. We are using MS Cert. Services on a Win2K platform. The system is working perfectly for clients that are 3.6.2b but I wanted to test the new v4.0 client and found that it only works with preshared keys and not with a certificat...
Found a document that states you have to be at 3.6 for http crl checking. So you were exactly right. We have upgraded and the crl is working now.Thanks
