08-18-2000 10:39 AM - edited 02-21-2020 11:13 AM
What are the issues you are facing with your use of VPN? What VPN issues would you like to discuss on the Networking Professionals Connection?
Please let us know by posting your comments to this conversation.
Thank you for visiting the Cisco Networking Professionals Connection.
Cisco Moderator
09-25-2001 11:33 AM
I have a VPN client that gets disconnected while using DSL with a message "IPSec terminated session". But the same laptop will stay connected for hours while using a dial connection. Where or how do I start troubleshooting a problem like this?
10-11-2001 02:45 PM
I have a similar situation. Did you find any solutions to this problem?
09-27-2001 09:52 AM
Can we have a MPLS discussion forum?
10-08-2001 02:04 PM
I am using a Cicso VPN client supplied by a vendor. I would like to automate the process of making/ending the connection. I can run the client.exe program in a batch file, or use the SHELL command in Visual Basic, and have checked the auto connect box so the connection is made, but there is no way to disconnect and close the VPN client after sending/receiving files. Is there a work around for this?
Thanks,
Dave Murray
10-18-2001 12:19 AM
We have a lot of problems with SDI authentication from VPN concentrator 3000 devices.
It seems that every version of concentrator software has bugs in this area. 3.0.3B claims to have solved the "non in service problem". I disagree.
Even 3.1 has problems in this area, and we really don't know which version, if any is stable.
10-18-2001 08:33 AM
I have to configure a VPN3005 in the back of a 3620: 3620 authenticates the dial-up user through RADIUS and then the VPN client has to setup an IPSEC tunnel with VPN3005.
But then VPN client is unable to set security policies with VPN3005, as if in some way the 3620 would filter some protocols/ports.
Please help.
02-21-2002 09:34 AM
I have a customer with VPN tunnels from central site to branch offices over internet. we want to backup it with point to point isdn connection:
Internet connection are maded with Frame Relay connectivity
Brach office have 2600 router with bri interface.
Central site have pri interface.
I think to use backup interface from branch office to central site; but from central site I need to use routing ..??
I appreciate sugestions.
03-05-2002 04:48 PM
I am having initial connection problems logging into our servers through our IPIP tunnels using private addresses. The UNIX Login prompt and FTP Login prompts take over a minuit to appear or time out all together. If we use NAT and telnet or FTP to the public address the login prompt displays immediatly. We are using 2600 routers in the field and a 3600 router at the Colo site. There is also a PIX at the colo site that the tunnels have access through. Additionally we have a four site private frame that also terminates at the 3600 router and those sites are also experiencing the same delays but they don't have the ability to access the servers throught the internet. Here is a sample config of one site and the 3600.
Sample Site
!
interface Tunnel25
ip address 172.25.0.1 255.255.255.252
no ip directed-broadcast
tunnel source Ethernet0
tunnel destination 216.44.44.44
tunnel mode ipip
!
interface Ethernet0
description 025 Internet
ip address 254.200.93.10 255.255.255.252
ip access-group 101 in
no ip directed-broadcast
ip nat outside
!
interface Ethernet1
description 025 LAN
ip address 10.25.0.1 255.255.255.0
no ip directed-broadcast
ip nat inside
!
ip nat inside source list 1 interface Ethernet0 overload
ip classless
ip route 0.0.0.0 0.0.0.0 e0
ip route 10.0.0.0 255.0.0.0 Tunnel25
ip route 10.10.0.0 255.255.0.0 Tunnel25
ip route 10.11.0.0 255.255.0.0 Tunnel25
ip route 10.15.0.0 255.255.0.0 Tunnel25
3600 main router
!
interface Tunnel25
ip address 172.25.0.2 255.255.255.252
tunnel source Ethernet0/0
tunnel destination 254.200.93.10
tunnel mode ipip
!
interface Ethernet0/0
description Exodus LAN
ip address 10.11.1.1 255.255.0.0 (pix 216.44.44.44)
!
interface Serial0/0
description Anywhere T1
ip address 10.20.1.2 255.255.255.252
service-module t1 clock source internal
!
interface Serial0/1
description Intermedia 192k PVC
no ip address
encapsulation frame-relay IETF
load-interval 30
service-module t1 timeslots 1-3
frame-relay lmi-type ansi
!
interface Serial0/1.1 point-to-point
description pvc to Sacramento
ip address 10.2.254.1 255.255.255.252
frame-relay class CUL1
frame-relay interface-dlci 102
frame-relay payload-compression packet-by-packet
!
ip classless
ip route 0.0.0.0 0.0.0.0 10.11.1.10
ip route 10.10.0.0 255.255.0.0 10.20.1.1
ip route 10.15.0.0 255.255.0.0 10.11.1.10
ip route 10.25.0.0 255.255.255.0 Tunnel25
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide