XPost: comp.dcom.sys.cisco   
   From: temartin@shtc.net   
      
   I had a similar problem with an 837 to 804 VPN. The examples that I followed
   did not include a loopback address on the responding router to bypass the
   NAT translation. If you are also using NAT for internet traffic, you have to
   use a loopback interface with a "fake" IP and a route map to route
   interesting traffic away from the NAT. I found an example on cisco.com.
      
      
   "Suppa Lamah" wrote in message   
   news:6HhEb.9934$wM.695404@news1.tin.it...   
   > I successfully (at least I thought so) created an IPSec connection between   
   > two 12.2 IOS Cisco 837-K9.   
   >   
   > I followed step-by-step several Cisco documents and FAQs, and I had, after
   > several tries, the ISAKMP SAs up and running, and the traffic correctly
   > routed via NAT or thrown in the VPN tunnel.
   >   
   > My PC clients on the separate, private networks (192.168.0.0 and
   > 192.168.1.0) are able to both navigate the Internet via NAT, and ping the
   > hosts on the other side of the VPN connection. I also checked for known
   > MTU problems, and I can use 15.000 bytes ICMP packets going in and out
   > without losing any.
   >   
   > What I cannot do is... anything else! :)   
   >   
   > I see any connection requesting more than a given, short amount of
   > resources (cannot tell if a number of open ports is the issue, or, much
   > more probable, some timeout on TCP connections) just fails.
   >   
   > Example: I can successfully map a "NET USE LPT2: \\192.168.0.10\QUEUE1"
   > printer on the other side of the connection, AND print a very short, DOS
   > document (example: "dir > test.txt", followed by "copy test.txt lpt2:").
   > If I try to print a Windows document via Wordpad it fails ("the network
   > name cannot be found" and such, like the connection was dropped in the
   > middle of the operation).
   >   
   > I can successfully map a drive "NET USE K: \\192.168.0.10\HARDDISK", but a   
   > "DIR K:\" command results in only the volume label being shown, after that   
   > couple lines... no more communications take place.   
   >   
   > I also verified that using a remote control software such as VNC
   > (http://www.realvnc.com) I can successfully open the remote screen AND
   > MOVE THE MOUSE (this is told to me from a person being on the other side),
   > although I am unable to see anything because I have a black screen, and
   > the session fails soon...
   >   
   > I tried anything I could think of... I downloaded and checked several   
   > documents with VPN examples, but to no avail.   
   >   
   > I also removed, to be very, very sure about it, ALL access lists on the   
   > external interfaces on both sides (then verified by using an external port   
   > scanner which confirmed all ports were open).   
   >   
   > Has anybody experienced anything similar and could help? Thanks in
   > advance...
   >   
   >   
   > Suppa Lamah   
   >   
   >   
   >   
      
   --- SoupGate-Win32 v1.05   
    * Origin: you cannot sedate... all the things you hate (1:229/2)   
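
Added example, not part of the original post or of the cisco.com document it mentions: a sketch, in IOS configuration syntax, of the loopback and route-map arrangement the reply describes for keeping tunnel traffic out of NAT. The interface names, the /24 masks, the 10.255.255.0/30 loopback subnet, ACL number 120 and the route-map name NONAT are assumptions; only the two private networks come from the thread.

```cisco
! Constructed sketch for the router whose LAN is 192.168.1.0 (mask assumed /24).
!
! Loopback with a "fake" address. It is deliberately NOT marked "ip nat inside".
interface Loopback0
 ip address 10.255.255.1 255.255.255.252
!
! LAN interface (name assumed). Internet-bound traffic is still NATed from
! here; the policy route-map is applied to packets arriving on this interface.
interface Ethernet0
 ip address 192.168.1.1 255.255.255.0
 ip nat inside
 ip policy route-map NONAT
!
! "Interesting" traffic: local LAN to the LAN behind the VPN peer.
access-list 120 permit ip 192.168.1.0 0.0.0.255 192.168.0.0 0.0.0.255
!
! Packets matching ACL 120 are forwarded to a next hop that is reachable
! only through Loopback0, so they re-enter the router on an interface that
! is not a NAT inside interface. All other packets are routed normally.
route-map NONAT permit 10
 match ip address 120
 set ip next-hop 10.255.255.2
```

ACL 120 should mirror the access list referenced by the crypto map so that exactly the tunnel traffic is diverted. After applying it, `show route-map NONAT` should show the policy routing match counters increasing for tunnel traffic, and `show ip nat translations` should show no entries toward the remote LAN.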