cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1568
Views
0
Helpful
15
Replies

VPN 3.1 with XP problems

HEATH FREEL
Level 1
Level 1

I have successfully installed ver 3.1 of the client and have it working almost.

Dial up connections work and allow me to connect to my network via IP but WINS is not working - even though the WINS addresses have been successfully pushed down.

LAN connections - either cable or DSL seem to allow me to connect and authenticate but I cannot pass IP traffic. I have disabled all the Security parameters in XP but still no luck.

Has anyone else had a similar problem? Is there a fix?

Thanks,

Heath

15 Replies 15

ciscomoderator
Community Manager
Community Manager

Since there has been no response to your post, it appears to be either too complex or too rare an issue for other forum members to assist you. If you don't get a suitable response to your post, you may wish to review our resources at the online Technical Assistance Center (http://www.cisco.com/tac) or speak with a TAC engineer. You can open a TAC case online at http://www.cisco.com/tac/caseopen

If anyone else in the forum has some advice, please reply to this thread.

Thank you for posting.

cjacinto
Cisco Employee
Cisco Employee

First try the newest client 1.1.

Second, try to use lmhost file to see if you could ping by name. If this works, then you have issue with your WINS Server configuration. If it doesn't you could try to hardcode the Wins ip on the Dialup adapter properties to see if it works. If not, a sniffer trace on the inside of the concentrator as your client tries to browse the network is needed.

With the LAN connection, not being able to pass traffic, do a ipconfig/all and see if you have an ip address on one of your interfaces that is the same as the ip pool that you are being assigned by the concentrator. This is the common issue.

bswaby
Level 1
Level 1

I am having the exact same problem when I connect using either the 3.1 or 3.1.1 client. I can connect to our network just fine, but when ever I try to ping, browse or do anything on the network it will not work. I think it's an mtu setting issue, but I don't know how to change it in Windows XP. I have used the setmtu.exe utility that cisco provides but it doesn't seem to help.

bswaby
Level 1
Level 1

I have the same problem with windows xp. I connect to my dsl modem using the built in pppoe connection connect to the pix just fine but cannot do anything once I am on. I am receiving all of my ip settings just fine. I think the issue has to deal with the mtu settings being to high on the built in pppoe virtual adapter, but I do not know how to change it. In Windows 2000 all you had to do was go to device manager, click on the virtual pppoe adapter and change the mtu settings. Once done you were off to the races. I have tried using setmtu.exe utility and changed all of adapters to a lower mtu setting in windows xp but that didn't help. Setmtu.exe also didn't help the issue in windows 2000 until I figured out that you have got to set it on the adapter itself. Go figure. Anyway, good luck and if you find the answer shoot it back out here for all of us.

Thanks

Ben

I'm having the same problem. However, I was able to get it to work with Windows XP Professional but not with Windows XP Home edition. Can someone let me know what version they are using. I can get in, check my e-mail and ping the servers, but I can't visually bring my server(s) folders up on my screen.

Thanks

I am using version 3.1.1. I talked to Cisco technical support for two hours last night and got no where. I have successfully setup a windows 2000 computer on the same dsl connection and got on fine. I also have got another person on Windows xp using a cable modem, and 22 other dial up/broadband users on windows 2000 that doesn't seem to have a problem at all. I have noticed that when ever I do connect to our network with Windows XP I do not get the secure keys on the two inside networks. I think if I can figure that problem out it might work. Oh yeah, I did finally end up trying to change the mtu settings in windows xp for the pppoe connection, but it wasn't easy to find. I found some good articles on mtu settings at www.google.com. I am going to take a laptop home this weekend and install a fresh copy of Windows XP and the cisco client 3.1.1 and hopefully connect to our network successfully. Does anyone have any ideas on why I don't get the secure keys when I log on?

I have done a little more digging and have found more information on the problem that we are experiencing. It appears (for those that didn't know) that Windows XP home edition won't log on to domains and doesn't support Netware or virtual private networks (VPN's).

http://www.extremetech.com/article/0,3396,s%253D1034%2526a%253D11839,00.asp

More info .. if anyone is getting this error "The vpn Subsystem is not available" check this site for what may be a fix.

http://www.ect.anl.gov/networking/vpnfaq.htm#Problem:%20Receive%20a%20VPN%20subsystem%20unavailable%20error%20when%20attempt%20to%20make%20a%20connection%20using%20the%20client

I got this from this forum under a different topic. I don't know if this will work or not but I will try and see if it helps.

Ramon

bswaby
Level 1
Level 1

Thanks for information on windows xp home edition but my problem has to deal with Windows XP Professional. I ended up setting up a laptop this weekend with a brand new install of windows xp. Once I got the laptop up the first thing I installed was vpn 3.1.1. I signed onto my dsl connection and walla the vpn problem was fixed. At this point I still don't know what's caused it to not work so I set up my windows xp laptop to connect with the vpn 3.1.1. It didn't work either. Now, I am thinking it's something I have installed.

My desktop only has windows xp w/all the updates, Office XP 2002 w/ all the updates, and the windows xp powertools installed. My laptop has everything that my desktop has a serveral more developer tools.

Since my patience is usually short and I needed to work from home this weekend I formatted and reinstalled my desktop with windows 2000, vpn 3.1.1 and Office XP. I changed the mtu settings to 1350 and I am now good to go. Later this week I am going to upgrade my desktop to Windows XP Pro and try it again.

I am also going take the laptop that I got to work with windows xp and vpn 3.1.1 and install the software one by one while connecting to the vpn between each install. I also figure that the problem could be with one of microsoft's patches. So, if vpn connection works fine after all the software installs, I am going to start installing all the microsoft updates. Who know, maybe after spending serveral hours I might find it.

If any of you guys come up with something please let me know because it's driving me nuts that I cannot use Windows XP and vpn 3.1.1

Thanks

Ben

dmurnin
Level 1
Level 1

Have you "logon to network" set to enable on your dial-up connection. If not netbios over tcpip will not work.

dmurnin, thanks for your tip. However, I don't understand why you have to enable "logon to network" if someone is using DSL or cable. Can you please clarify this.

I have also been experiencing problems installing the pro version of XP. For some reason I cannot get it to log into my work network or even connect. I get a time out error.. any thought on this.

Thanks

bswaby
Level 1
Level 1

I have had the same problem with DSL users. I called Cisco and work with their DSL and VPN experts on several occasions but they could never help nor did they have any clue on people having problems connection with XP and DSL. I moved back to Windows 2k so that I could at least work from home. When version 3.5 came out a few weeks ago I tried it on Windows xp and everything was working fine.

Beware of Internet connection sharing, becuase it still doesn't work when you have it turned on. It's a real bummer that it doesn't work with Internet connection sharing or by going through a NAT. Cisco claims that they will be coming out with an update to the pix that will allow it to go through a NAT, but I wouldn't wait on it to long.

Good Luck

Ben

I still have problems with windows xp, even when I tried v3.5. I can connect on one machine but can't access the servers or even ping the servers. On another machine I can log into my work e-mail and ping the servers but can't see them. I did get it to work on one xp machine but I have no idea what I did, I just about tried everything I could think so I don't know what I actually did to get it to work. I'm using cable and not DSL.

When you mention about internet connection sharing do you think this would apply to a router that has a four port hub that has 3 machines connected to it. I have such a configuration. The reason I mention this is because I can connect with one machine but not with the others.

Any info would help.

Thanks

Have you tried taking the router out of the configuration and hooking up your cable modem directly into each on the the computers? You may also want to try to reboot the router or clear the tables on it to see if it will then let another pc on.

If you have gotten a pc to work in a NAT/PAT configuration my hat is off to you. I have only really tried it by using windows built in Internet Connection Sharing, which is basically a PAT configuration.

Awhile back I ran into a VPN problem when inside users (private network) tried to VPN into another network going through our Cisco Pix. At the time our Pix firewall was set up to use a PAT configuration. In the PAT configuration I could only log on one pc at a time. To get another pc to connect I had to log off the pc that was connected and clear the pix's xlate tables or reboot it (don't remember which one I did exactly--- probably both knowing me). To resolve the issue, I had to create a NAT (a one to one correlation) scope for the pc's that connected to a remote VPN network for it to work correctly. I am not sure if that will help, but it might be something to look at.

If you find out how to hook up the Cisco client through a PAT/NAT configuration let me know how you

did it.

Ben

brent.siler
Level 1
Level 1

I have 3.01ak9 working on XP. I use a linksys wireless router to connect via Nat to our corporate network. I have to turn on Deterministic Networks when wireless and turn it off when hard wired. If your VPN connections sits for about 30 seconds and then you get "Peer host terminated connection", its a deterministic network issue. You can find the setting under your network adapters/properties. Play with it and see if you can get it to work or contact me directly.