cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
201
Views
0
Helpful
3
Replies
Highlighted
Beginner

Old IPSec VPN client replaced with AnyConnect - traffic to destination on 500/udp

We have a user who has been using the old IPSec VPN client. We've recently upgraded to a firepower, and we've attempted to move this user over to AnyConnect. The old IPSec client was removed and AnyConnect was upgraded. The AnyConnect client establishes the VPN connection fine, the routes look OK, but he can't make a connection to any servers. 

 

When I setup a capture on the firepower, traffic from his machine is leaving on 500/udp and is destined to the server he's trying to ping on 500/udp. Same on telnet - both source and destination ports show 500/udp. 

 

He reset the tcp/ip stack on his system and rebooted, but the same behavior is observed. I can use his credentials on another laptop, and everything works fine. The Windows built-in L2TP over IPSec isn't configured. Any ideas what I might try? Thanks

 

1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
VIP Advisor

Hi,

Does he/she has any other vpn clients on his machine? Make sure they are
disconnected. Also, try to disable AV solutions and see if it works.


**** please remember to rate useful posts

View solution in original post

3 REPLIES 3
Highlighted
VIP Advisor

Hi,

Does he/she has any other vpn clients on his machine? Make sure they are
disconnected. Also, try to disable AV solutions and see if it works.


**** please remember to rate useful posts

View solution in original post

Highlighted

Thanks Mohammed for your input. Unless there is something really odd, there are no other VPN clients on the machine. I also noticed two AVs on his machine: BitDefender and Symantec. BitDefender uninstalled no problem, but Symantec threw an error, so that is still installed. We'll try to get that installed today and see if that helps. Take care.

 

Highlighted

I'm relatively new to the organization, and I found out today that there is a group policy that forces all users to connect to this server via a VPN tunnel. The problem is still being worked, but I at least have enough information to continue troubleshooting.

Content for Community-Ad