01-02-2012 06:18 AM
Since last week we are having problems with remote users working with VPN client on Windows XP.
The connection is stablished but no data traffic occurs.
As we didn't do any change in vpn remote settings I did a test from Linux machine running VPNC client and it works well.
It sounds so weird because it happens only on Windows client platform.
We have CISCO ASA 5510 and PIX 515 running 8.0(4).
Anybody have some idea about this issue?
regards,
Marcelo Martins de Castro
01-02-2012 08:15 AM
I would check a client for Windows Firewall settings. I've seen issues in the past where Windows update changed firewall behavior so as to exclude access to certain applications and services that had previously been allowed. This could also happen via a Windows Group Policy being pushed to the clients from their domain controller.
01-02-2012 09:23 AM
Hi Marvin,
The Windows Firewall is not enable in corporate Windows settings.
In some tests I did I disabled the IDS host too and it didn't change the behavior.
It has a strange behaviour because VPN log doesn't show regular events as before. It only shows some events related to the isakmp negotiation protocol.
It looks like that the traffic is not sent to virtual vpn interface.
I've tried to access some applications and these tries was not showed as a event in the log.
I used the log information before to help to solve other issues but this time no information is displayed.
01-02-2012 09:32 AM
Hmmm, sounds very odd indeed. I take it the SA for your client connection shows ACTIVE when you connect from the Windows client.
Do you see any errors at all if you try debugging the connection on the Pix or ASA? See tips here:
http://www.cisco.com/image/gif/paws/5409/ipsec-debug-00.pdf
Still, the fact that the problem is restricted to Windows clients is troublesome. Do you have a "clean" Windows client you can test with - i.e., locally administered, no firewall, IDS, or AD group policies etc. on it?
01-10-2012 02:25 AM
Hi Marvin,
I'm sorry for delay.
Unfortunatelly I could not find the source from this issue, but I solved it after upgrade from 8.0(4) to 8.0(5).
thanks for all
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide