07-30-2002 05:06 AM - edited 02-21-2020 11:58 AM
Hi all,
I have configured the 827 to accept VPN connections from 3.5.x clients. The VPN tunnel establishes correctly, reverse route injection happens, and then I can ping any host on the inside subnet. I can browse the Microsoft network neighborhood and connect to servers, but if I try and telnet, ftp, or ssh to any inside servers, the connection always times out. I have done some packet sniffing, and it shows that the the pc with the vpn client keeps resetting the connection for ftp, telnet and ssh. Any ideas? Thanks.
07-30-2002 08:42 PM
Try adjusting your mtu on the client, and maybe there is also an mtu issue on the 827 side.
You can confirm this by testing various length pings and see where it fails.
Regards,
07-31-2002 04:41 AM
Would you mind sharing a sanitized version of your IOS code for this? I'm trying to do something comparable for a Cisco 1720.
What IOS release are you using?
My biggest questions are regarding the AAA Auth functions. Which ref doc gave you the most info for this setup?
Have you resolved your current problem?
07-31-2002 04:50 AM
Sure, email me at jschroeder@vermeermfg.com, I'll send a copy to you. I'll find the doc that I used and include a link to it in the email. I have not resolved my problem yet, but I am not sure if the pc is working correctly. From the packet sniffing, I can see that the packets are coming back to the pc and getting decrypted, but I don't know why it doesn't work. Still looking into it.
07-31-2002 06:31 AM
The problem with telnet and ssh on the inside is due to static nat mappings on the outside interface. As soon as those were removed, all worked as it should.
07-31-2002 05:12 PM
Then you could have done policy routing so that you can still have the static nats, and the vpn working with it . It is something like this:
http://www.cisco.com/warp/public/707/static.html
Regards,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide