Go Back   Technibble Forums > Technical Discussions > Networking

  Technibble Sponsor

Reply
 
Thread Tools Display Modes
  #1  
Old 03-27-2012, 06:01 PM
seedubya's Avatar
seedubya seedubya is offline
 
Join Date: Jan 2008
Location: Carlow, Ireland
Posts: 3,311
seedubya has a spectacular aura aboutseedubya has a spectacular aura about
Default Cisco VPN client not connecting

OK. New client. 2 Sites. Main site 8 users on SBS 2003. 2nd site 3 users connecting via VPN. Don't now if it's site to site or client to site. 4 roadwarriors using the Cisco VPN client.

Today one of the RWs got "Error 5: No hostname exists for this connection entry. Unable to make vpn connection." Documentation mostly points to a corrupt .pcf file (which stores the VPN client connection settings). General advice is replace the file with a known good copy and away you go!

Not so much. Now I have "Secure VPN connection terminated locally by the Client. Reason 412: The remote peer is no longer responding"

I have tried many different solutions to this - none of which have worked. Interestingly, I have installed the VPN client software on one of my own pcs and no joy connecting from there either.

Can any of you point me in the right direction?
Reply With Quote
  #2  
Old 03-27-2012, 06:27 PM
teksquad teksquad is offline
 
Join Date: Jul 2011
Location: Raleigh, NC USA
Posts: 162
teksquad is on a distinguished road
Default

What device is the vpn terminating on? What type of vpn is it. Ipsec, PPTP. Is it a L2L tunnel or a Remote Access vpn or both? Are these clients behind a nat device? If so make sure NAT-T is checked on the vpn client profile. Does the terminating device have a static ip address? Can also try editing the vpn profile and change ForceKeepAlive =1. Have the remote users disable their windows firewall temporarily.
__________________
Andrew Bromfield
andrew@teksquad.net
http://teksquad.net


Last edited by teksquad; 03-27-2012 at 06:39 PM.
Reply With Quote
  #3  
Old 03-27-2012, 06:56 PM
seedubya's Avatar
seedubya seedubya is offline
 
Join Date: Jan 2008
Location: Carlow, Ireland
Posts: 3,311
seedubya has a spectacular aura aboutseedubya has a spectacular aura about
Default

The device is terminating at a Cisco 830 router I think. Unfortunately I have very little information. It's an IPSEC connection. L2L or Tunnel I don't know and don't know how to find out. Yes they're behind a NAT device - Zyxel dsl modem/router (domestic model) I assume the terminating router has a static IP as the pcf file has an IP address rather than a host name.
Reply With Quote
  #4  
Old 03-27-2012, 07:01 PM
YeOldeStonecat's Avatar
YeOldeStonecat YeOldeStonecat is online now
 
Join Date: Nov 2011
Location: Southeast Connecticut
Posts: 7,912
YeOldeStonecat is a splendid one to beholdYeOldeStonecat is a splendid one to beholdYeOldeStonecat is a splendid one to beholdYeOldeStonecat is a splendid one to beholdYeOldeStonecat is a splendid one to beholdYeOldeStonecat is a splendid one to behold
Default

Quote:
Originally Posted by seedubya View Post
The device is terminating at a Cisco 830 router I think. Unfortunately I have very little information. .
Without knowing "for sure"..and without having access to the router/VPN end point itself so you can check settings and look at logs....to be blunt..you're spinning your wheels and wasting your time. Can you get access to it?
__________________
Resident "Geek on a Harley" doing IT in Southeast Connecticut
http://www.dynamic-alliance.com/
https://www.facebook.com/YeOldeStonecat
Reply With Quote
  #5  
Old 03-27-2012, 07:35 PM
teksquad teksquad is offline
 
Join Date: Jul 2011
Location: Raleigh, NC USA
Posts: 162
teksquad is on a distinguished road
Default

If you can get access to the 830.


debug crypto isakmp


debug crypto ipsec


Log to syslog if possible as the output will be rather verbose.

Also double check its a static ip address.


The cisco vpn client also has a logging feature. May want to look at that as well.
__________________
Andrew Bromfield
andrew@teksquad.net
http://teksquad.net


Last edited by teksquad; 03-27-2012 at 08:10 PM.
Reply With Quote
  #6  
Old 03-30-2012, 11:37 AM
seedubya's Avatar
seedubya seedubya is offline
 
Join Date: Jan 2008
Location: Carlow, Ireland
Posts: 3,311
seedubya has a spectacular aura aboutseedubya has a spectacular aura about
Default

Just wanted to let you guys know that this is now resolved. Turns out the .pcf file I was using to replace the corrupted one was one that was no longer valid i.e. the IP address of the VPN termination device had changed.

This is what happens when you don't have enough information!

Thanks for the help guys.
Reply With Quote
Reply

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT. The time now is 02:25 PM.


Powered by vBulletin®
Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Technibble.com is based out of MELBOURNE, AUSTRALIA.