09-27-2005 01:47 AM
When I try to connect to my VPN connection with a PC running Windows XP SP2 with the firewall enabled, I get this message: "Secure VPN Connection terminated locally by the Client. Reason 414: Failed to establish a TCP connection."
When I disable my firewall, it works well.
I use IPsec/TCP.
How do I have to configure my Windows Firewall?
If you can help me ...
09-27-2005 03:46 AM
"failed to establish a tcp connection"
You mentioned IPsec over TCP has been permitted on the SP2 firewall. By default it should be TCP 10000. Maybe verify with the administrator whether the default port has been modified.
09-27-2005 04:03 AM
Yes, the TCP port is 10000.
But when I try to connect to the VPN, I get this message:
12:31:32.896 09/27/05 Sev=Warning/2 IPSEC/0x6370001E
Unexpected TCP control packet received from 192.31.22.5, src port 10000, dst port 3584, flags 10h
The dst port is random, and it's difficult to configure the dst port on Windows Firewall ...
When I say Windows Firewall, I mean the firewall installed on my PC ... not the firewall used for tunnelling ...
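Added example (not part of the original thread and not Cisco's code): a small Python parser for the client log warning quoted in the post above. It decodes the hex TCP flags and groups packets by remote endpoint, which separates the fixed side of the flow (remote port 10000) from the changing local port. The message format is assumed from the single line in the post; the second and third sample lines are constructed.

```python
import re
from collections import defaultdict

# TCP header flag bits (RFC 793), lowest bit first.
TCP_FLAGS = ["FIN", "SYN", "RST", "PSH", "ACK", "URG"]

# Format assumed from the one warning line quoted in the post.
LINE_RE = re.compile(
    r"Unexpected TCP control packet received from (?P<ip>[\d.]+), "
    r"src port (?P<sport>\d+), dst port (?P<dport>\d+), "
    r"flags (?P<flags>[0-9A-Fa-f]+)h"
)

def decode_flags(value):
    """Return the names of the TCP flags set in the flags byte."""
    return [name for bit, name in enumerate(TCP_FLAGS) if value & (1 << bit)]

def parse_line(line):
    """Parse one warning line; return None if it is some other message."""
    m = LINE_RE.search(line)
    if not m:
        return None
    return {
        "remote_ip": m["ip"],
        "remote_port": int(m["sport"]),   # "src port": the VPN server side
        "local_port": int(m["dport"]),    # "dst port": the client side
        "flags": decode_flags(int(m["flags"], 16)),
    }

def summarize(lines):
    """Group by remote endpoint and list the local ports seen for each."""
    flows = defaultdict(set)
    for line in lines:
        rec = parse_line(line)
        if rec:
            flows[(rec["remote_ip"], rec["remote_port"])].add(rec["local_port"])
    return {endpoint: sorted(ports) for endpoint, ports in flows.items()}

SAMPLE_LOG = [
    # Line quoted in the post.
    "Unexpected TCP control packet received from 192.31.22.5, src port 10000, dst port 3584, flags 10h",
    # Constructed lines (same format, different local ports and flags).
    "Unexpected TCP control packet received from 192.31.22.5, src port 10000, dst port 3591, flags 12h",
    "Unexpected TCP control packet received from 192.31.22.5, src port 10000, dst port 3602, flags 04h",
]

if __name__ == "__main__":
    for entry in SAMPLE_LOG:
        print(parse_line(entry))
    print(summarize(SAMPLE_LOG))
```

For the line in the post, flags `10h` decodes to ACK only.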
09-30-2005 07:22 PM
Any luck yet? I get this error also, when attempting to connect to our server using client 4.7.00(0510) on my Mac. Same problem with 4.6.02. My Dell laptop (version 4.6.03, same profile setup) works successfully.
It seems to get past user authentication OK, but then instead of successfully "securing the communications channel" it goes back to "Initiating TCP to..." and then
"Secure VPN Connection terminated locally by the Client.
Reason 414: Failed to establish a TCP connection."
10-01-2005 12:17 AM
Maybe try to permit the program instead of permitting the specific protocol/port TCP 10000, under Windows Security Center > Windows Firewall > Exceptions > Add Program.
Another way is to identify what sort of traffic is being sent and received by the Cisco VPN client. Use the freeware "TcpView". It shows the current inbound/outbound traffic from the PC's point of view, with protocol and port. Then you can configure the Windows Firewall accurately.
10-10-2005 05:50 PM
Just wondering how you go.
10-17-2005 07:51 PM
Look for my other posts about Centralized Protection Policy CPP. I'm pretty sure that's my problem; the Mac client can't respond properly and thus cannot connect to the server looking for Windows-only responses.
10-17-2005 11:48 PM
Thanks for your help.
The solution is to disable the firewall for the Cisco connection... ;)
It's not really a solution but it works now.
The Windows firewall isn't a firewall validated by Cisco ...
Thanks
10-18-2005 12:08 AM
It's good to learn that your issue has been resolved.
According to Cisco,
Why should I rate posts?
If you see a post that you think deserves recognition, please take a moment to rate it.
You'll be helping yourself and others to quickly identify useful content -- as determined by members. And you'll be ensuring that people who generously share their expertise are properly acknowledged. As posts are rated, the value of those ratings are accumulated as "points" and summarized on the Member Profile page and on each member's Preferences page.
10-18-2005 12:28 AM
Sorry,
it's once I come here. I don't know the habits.
Thanks for your help again.