|
|
 FAQ
 Search
 Memberlist
 Usergroups
 Register
 Profile
 Private messages
 Log in
|
|
| Author |
Message |
Guest
|
 Posted: Sun Apr 16, 2006 7:14 pm Post subject: UMTS connection and Cisco VPN client |
 |
|
We are using the Cisco VPN client version 4.8 in combination with an
UMTS card.
When connecting to our PIX using DSL the VPN connection works just
fine. When usig the UMTS card the VPN is established and the virtual
adapter receives it's IP adress but we are not able to connect to any
nodes on the other network. The logging does not show any errors.
The following routing table is active when connecting to the VPN using
UMTS:
10.10.10.10 provided by VPN connection
72.111.111.222 provided by UMTS card
XXX.XXX.250.2 PIX
Destination Netmask Gateway Interface
Metric
0.0.0.0 0.0.0.0 10.10.10.10 10.10.10.10 1
10.0.0.0 255.0.0.0 10.10.10.10 10.10.10.10 1
10.10.10.10 255.255.255.255 127.0.0.1 127.0.0.1
1
10.255.255.255 255.255.255.255 10.10.10.10 10.10.10.10
1
72.111.111.222 255.255.255.255 127.0.0.1 127.0.0.1
1
72.255.255.255 255.255.255.255 72.111.111.222 72.111.111.222
1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1
1
XXX.XXX.250.2 255.255.255.255 72.111.111.222 72.111.111.222
1
224.0.0.0 224.0.0.0 10.10.100.10 10.10.10.16 1
255.255.255.255 255.255.255.255 10.10.10.10 0.0.0.0
1
When monitoring the traffic on my interfaces I do not see any traffic
on the VPN interface. It smells like a routing problem but I have not
been able to solve this issue.
Your advice is very much appreciated!
With kind regards,
Fred |
|
| Back to top |
|
 |
|
|
Martin Bilgrav
Guest
|
| Posted: Mon Apr 17, 2006 12:51 am Post subject: Re: UMTS connection and Cisco VPN client |
|
|
please add the command "isakmp nat-t" to your pix config, running 6.3.x
rgds
Martin Bilgrav
<fredje110@hotmail.com> wrote in message
news:1145200440.470902.256040@i39g2000cwa.googlegroups.com...
| Quote: | We are using the Cisco VPN client version 4.8 in combination with an
UMTS card.
When connecting to our PIX using DSL the VPN connection works just
fine. When usig the UMTS card the VPN is established and the virtual
adapter receives it's IP adress but we are not able to connect to any
nodes on the other network. The logging does not show any errors.
The following routing table is active when connecting to the VPN using
UMTS:
10.10.10.10 provided by VPN connection
72.111.111.222 provided by UMTS card
XXX.XXX.250.2 PIX
Destination Netmask Gateway Interface
Metric
0.0.0.0 0.0.0.0 10.10.10.10 10.10.10.10 1
10.0.0.0 255.0.0.0 10.10.10.10 10.10.10.10 1
10.10.10.10 255.255.255.255 127.0.0.1 127.0.0.1
1
10.255.255.255 255.255.255.255 10.10.10.10 10.10.10.10
1
72.111.111.222 255.255.255.255 127.0.0.1 127.0.0.1
1
72.255.255.255 255.255.255.255 72.111.111.222 72.111.111.222
1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1
1
XXX.XXX.250.2 255.255.255.255 72.111.111.222 72.111.111.222
1
224.0.0.0 224.0.0.0 10.10.100.10 10.10.10.16 1
255.255.255.255 255.255.255.255 10.10.10.10 0.0.0.0
1
When monitoring the traffic on my interfaces I do not see any traffic
on the VPN interface. It smells like a routing problem but I have not
been able to solve this issue.
Your advice is very much appreciated!
With kind regards,
Fred
|
|
|
| Back to top |
|
|
Fred
Guest
|
| Posted: Mon Apr 17, 2006 7:39 pm Post subject: Re: UMTS connection and Cisco VPN client |
|
|
Hello Martin,
Thank you very much for your kind reply!
Our PIX is indeed runing 6.3.3.
UMTS connection:
Automatic NAT Detection Status:
Remote end is NOT behind a NAT device
This end is NOT behind a NAT device
DSL connection:
Automatic NAT Detection Status:
Remote end is NOT behind a NAT device
This end IS behind a NAT device
'Peer supports NAT-T' appears in the logging.
When checking the VPN traffic with Ethereal I do see traffic with source
address 10.10.10.10. But calls do not get answered from 'the other side'.
With best regards,
Fred
"Martin Bilgrav" <bilgravCUTTHISOUT@image.dk> wrote in message
news:w6y0g.155$xH5.114@news.get2net.dk...
| Quote: | please add the command "isakmp nat-t" to your pix config, running 6.3.x
rgds
Martin Bilgrav
fredje110@hotmail.com> wrote in message
news:1145200440.470902.256040@i39g2000cwa.googlegroups.com...
We are using the Cisco VPN client version 4.8 in combination with an
UMTS card.
When connecting to our PIX using DSL the VPN connection works just
fine. When usig the UMTS card the VPN is established and the virtual
adapter receives it's IP adress but we are not able to connect to any
nodes on the other network. The logging does not show any errors.
The following routing table is active when connecting to the VPN using
UMTS:
10.10.10.10 provided by VPN connection
72.111.111.222 provided by UMTS card
XXX.XXX.250.2 PIX
Destination Netmask Gateway Interface
Metric
0.0.0.0 0.0.0.0 10.10.10.10 10.10.10.10 1
10.0.0.0 255.0.0.0 10.10.10.10 10.10.10.10 1
10.10.10.10 255.255.255.255 127.0.0.1 127.0.0.1
1
10.255.255.255 255.255.255.255 10.10.10.10 10.10.10.10
1
72.111.111.222 255.255.255.255 127.0.0.1 127.0.0.1
1
72.255.255.255 255.255.255.255 72.111.111.222 72.111.111.222
1
127.0.0.0 255.0.0.0 127.0.0.1 127.0.0.1
1
XXX.XXX.250.2 255.255.255.255 72.111.111.222 72.111.111.222
1
224.0.0.0 224.0.0.0 10.10.100.10 10.10.10.16 1
255.255.255.255 255.255.255.255 10.10.10.10 0.0.0.0
1
When monitoring the traffic on my interfaces I do not see any traffic
on the VPN interface. It smells like a routing problem but I have not
been able to solve this issue.
Your advice is very much appreciated!
With kind regards,
Fred
|
|
|
| Back to top |
|
|
Martin Bilgrav
Guest
|
| Posted: Mon Apr 17, 2006 10:11 pm Post subject: Re: UMTS connection and Cisco VPN client |
|
|
"Fred" <plsnospam@hotmail.com> wrote in message
news:4443b6be$0$2015$ba620dc5@text.nova.planet.nl...
| Quote: | Hello Martin,
Thank you very much for your kind reply!
'Peer supports NAT-T' appears in the logging.
|
Hello,
I know your log will say that, but to be sure, could you please verify that
the command in fact are in the config.
Also the line :
224.0.0.0 224.0.0.0 10.10.100.10 10.10.10.16 1
troubles me, from your route print when connected to umts
could you please give route print before umts logon and after.
Also, just to avoid it, could you try to verify the IP Pool settings on the
PIX.
Could be a good idea to use a pool different, fx 192.168.x.x, instead, as
this pool is not a Class-A pool.
(Both the umts and 10 addy are class-A)
Also verify that the VPN client is enabled in the umts card's properties.
You coulc also try a version 4.6.xxxx.xx
instead of 4.8 (I have no present experience with 4.8, but runs 4.6 on my
vodafone card myselfs with no problems)
Regards
Martin Bilgrav |
|
| Back to top |
|
|
|
|
