Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
536
Views
0
Helpful
2
Replies

ssl vpn svc on ios one way communication only

oszkari
Level 1
Level 1

‎02-03-2008 09:27 AM - edited ‎02-21-2020 03:31 PM

Hi,

I tried to configure svc on a IOS box(12.4(6)T5) with split tunneling and loopback interface.

The address pool is from the same subnet(RFC1918) as the loopback interface.

Apparently everything is ok, the ssl vpn client is downloaded, the connection is made, in statistics i see traffic, but im unable to initiate any tcp connection to the internal lan.

I have done some packet capturing on the inside lan..the syn packet arrives to the destination server,the server respond with synack but the response never arrives back to the ssl vpn client.

However i can ping the loopback interface ip.

Any ideas?

Thank You.

Tunnel Statistics:

Active connections : 1

Peak connections : 1 Peak time : 00:04:53

Connect succeed : 1 Connect failed : 0

Reconnect succeed : 0 Reconnect failed : 0

DPD timeout : 0

Client Server

in CSTP frames : 87 out IP pkts : 83

in CSTP data : 83

in CSTP control : 4

in CSTP bytes : 7900 out IP bytes : 7159

out CSTP frames : 4 in IP pkts : 0

out CSTP data : 0

out CSTP control : 4

out CSTP bytes : 32 in IP bytes : 0

Labels:
0 Helpful
2 Replies 2

Bingram
Level 1
Level 1

‎02-03-2008 11:45 AM

Hi, I'm new to the forum. but have quite a few questions for the ASA. we're just setting up a DC, and would like to replace our current vpn client wiht the clientless SSL VPN from cisco.

couple questions, does the client cost anything? is it easy to setup and is it reliable?

thanks,

bill

0 Helpful

erikpotteiger
Level 1
Level 1

‎04-14-2008 10:54 AM

I am having a similar problem with the same setup IOS router and anyconnect client.

I can get mine to work for a while. I can access some items but after time goes by I can only send packets from the client and I never receive anything back.

I thought maybe it is because fragmentation. I enabled ip tcp mss-adjust 1300 on the VPN interface and it did help. I think it is still fragmenting UDP packets. At this point I can open Outlook 2003 and RDP sessions to Windows Servers but as soon as I try copying a file using SMB from a Windows Server it stops sending and I lose connection to the VPN. The anyconnect client shows still connected and it sends but it doesn't receive. I think it is because I am experiencing UDP fragmentation

Did you find a solution or can anyone else help?

Thank you.

0 Helpful
Customers Also Viewed These Support Documents