Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2787
Views
0
Helpful
6
Replies

VPN bypassing packets

Sharon Camarillo
Level 1
Level 1

‎11-13-2010 09:34 PM

I've installed the CISCO VPN (ver 5.0.04)  on several new Windows 7 laptops.  I have two laptops which appear to connect to the VPN but can't ping the address of the server that has the software application.  For this reason the application times out.  In the Options Statistics most packets are being bypassed.  All of the PC's were configured in the same manner are working in production with the exception of these two.  Any ideas on how to correct this issue.l

Labels:
0 Helpful
6 Replies 6

apothula
Level 1
Level 1

‎11-13-2010 10:42 PM

The troublesome machines, are they 64 bit or 32 bit ?


Installing the 32 bit VPN client on 64 bit machines produces some pretty wierd and illogical behaviors beyond comprehension.


Please confirm the differences between the machines having troubles and the others not having any trouble at all.

FYI, VPN client for 64 bit machines is available only in Cisco VPN Client version 5.0.7

Avinash.

0 Helpful

Sharon Camarillo
Level 1
Level 1
In response to apothula

‎11-14-2010 05:44 PM

The laptops are 32-bit.  I have two that I have not installed which are 64 bit.  I wanted to get the 22 32-bit laptops up first then move on to the two 64-bit.  Nineteen are working fine which is why it is so puzzling that these two don't work.

0 Helpful

praprama
Cisco Employee
Cisco Employee
In response to Sharon Camarillo

‎11-14-2010 06:07 PM

Hi Sharon,

Bypassed counters increase when you have split tunnel enabled. Is it enabled in your case? Please check the "Route details" tab on you VPN client statistics and paste it here.

Also, what is the headend device that you are connecting to? Is it an ASA, router?

Thanks and Regards,

Prapanch

0 Helpful

Sharon Camarillo
Level 1
Level 1
In response to praprama

‎11-14-2010 10:10 PM

Hello Prapanch.

We are using a CISCO 2851 ISR for the VPN.  As far as the Route details under Options - Statistics - there are no entries on the Local Lan Routes side.  On the Secured Route side it has the IP address to the server that hosts the application and the SubNet Mask of 255.255.255.0.

All of the laptops that have been configured thus far are 32-bit.  The other laptops are also connecting to the same Secured Route.  They won't all be connected at the same time as it is dependent on work schedules.

Thanks.

Sharon

0 Helpful

praprama
Cisco Employee
Cisco Employee
In response to Sharon Camarillo

‎11-14-2010 11:51 PM

Hey Sharon,

Yes so you do seem to have split tunnelling enabled. Thats the resaon why you see Bypassed counters incrementing. That's normal.

Could you pose a sanitized config from the router and also the output of "show cry isa sa" and "show cry ips sa" from it when your PC is connected to the VPN.

Thanks and regards,

Prapanch

0 Helpful

apothula
Level 1
Level 1

‎11-13-2010 10:45 PM

The troublesome machines, are they 64 bit or 32 bit ?


Installing the 32 bit VPN client on 64 bit machines produces some pretty wierd and illogical behaviors beyond comprehension.


Please confirm the differences between the machines having troubles and the others not having any trouble at all.

FYI, VPN client for 64 bit machines is available only in Cisco VPN Client version 5.0.7

Avinash.

0 Helpful
Customers Also Viewed These Support Documents