Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
306
Views
0
Helpful
1
Replies

Strange VPN Question

wpalumbo06
Level 1
Level 1

‎01-07-2011 06:28 PM

Hello,

I have a user with the Cisco IPSec VPN client on her laptop and she is able to work via VPN fine from her house and from a DSL connection at work but cannot use her VPN client from a friends house (also DSL).  She can establish a VPN connection but cannot access any network resources once connected.  Additionally, I cannot ping the VPN IP address that she is given by the ASA.  I have two ASA VPN servers, one configured with split-tunneling and one without and neither one work from her friends house.  Anybody have any ideas on this? 

Thanks,

Labels:
0 Helpful
1 Reply 1

Federico Coto Fajardo
VIP Alumni
VIP Alumni

‎01-07-2011 06:48 PM

Hi,

If the VPN can be established from her friend's house but cannot pass traffic could be that ESP is being blocked on the client side.

For IPsec to work you are required to permit the following:

UDP 500 to establish the tunnel

ESP to encapsulate the traffic

UDP 4500 if going through PAT

Sometimes a VPN won't work from a specific location and could be that some of the above is not being permitted.

You could ask your ISP.

Federico.

0 Helpful
Customers Also Viewed These Support Documents