VPN 3005 unpingable after one session

drynkowski · ‎01-13-2002

I have a Cisco 3005 VPN Concentrator running V3.5 software on the Concentrator, and a Windows 98 computer running the 3.01 client. It was working fine until I recently started experiencing this:

1)Ping the gateway from a client on the public side >> It responds

2)Establish a tunnel to the private side, it works fine

3) Disconnect the session

4) The VPN unit is no longer pingable from THAT IP address

5) I can also no longer establish any sessions to the VPN concentrator from that IP

6) I PING the windows 98 computer's public IP address FROM the 3005 Concentrator's managment interface and suddenly it becomes responsive again from that client (is pingable the other way)

7) I can then establish another session however I go back to step 3

This is over an @home cable modem connection with NAT (I have the IPSEC over NAT option enabled, port 10000)

It occurs to me that the problem is one of three things, either a routing issue at the VPN concentrator, or some sort of filtering issue with my ISP, or some sort of NAT issue. The strange thing is that it was working fine and this just started with no configuration changes that I know of. The same thing happens from multiple remote clients (it's not isolated to one client box)

I would appreciate any thoughts on the situation

r-simpson · ‎01-18-2002

Possibly a problem with the Windows IP stack. I would uninstall the client and reboot, remove all the Windows networking components and reboot. Reinstall the network stack, reboot, reinstall the client and reboot. I use AT&T Broadband cable modem to connect with NAT to my company’s concentrator and have never experienced any problems even after the changeover from @home.

drynkowski · ‎01-21-2002

I probably didn't mention that rebooting the VPN 3005 concentrator solves the problem for a short time - then it comes back