I am not able to figure out why any of my remote users are not able to connect through the VPN client 4.6 when they are on other networks. If they are on the internet (AOL, MSN, etc...) there is no problem.
Any help?? I am a noob so speak slowly because I have to use the interface manager.
Well some config files, logfiles, error files from both firewall and client and firewall software revision would help.
But if I understand you right, when your clients go to another network they can not access the VPN, but when they are internet they can?
The internet is another network so what is the difference between the sites they can connect from and the sites they can not connect from? Are these client sites? If so they may deny IPSEC out of their network for security purposes.
Well here is what I have for my configs and some more answers. I did change the IP's around cause I am paranoid. Thansk for the help btw
Yes, only when they do not have to go through someones network. I am not sure why they are able to connect with out any problems when they are going through earthlink, AOL or any of those.
I called and talked to the them, they said that IPSEC was allowed but will check to make sure that their "Internet Connection Sharing" was set correctly. I am thinking that this might be the problem.
I have also talked to a few more outside sales people. Seems that only some are having this problem at a few clients locations. I like how a few turns into everyone.
ICS and the Cisco VPN client will not work. Google has been my friend for many configuration questions.
formatting link
is your best firend. Some of the topics require a login. If are a noob then the best suggestion I can make to you is buy a support contract from Cisco until you are comfortable. their support is great and when you are in a pinch you can call and the answers you need.
One piece of advice I can give you is never give out your real addresses to any forum over the net. It provokes young kids in Denmark to want to hack or throw a DOS attack at you.
A general rule of thumb is if you enable any kind of admin access on an external interface you could be asking for trouble and heavily guard and monitor it. Especially now that everyone on the internet has the ip address they need to spoof to get access
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here.
All logos and trade names are the property of their respective owners.