|
Cool,
check that out. When I first brought mine up I could not connect internal or
external. I used a different key for internal and connected. I got the same
error from the outside that you get and found that FW's and ISp can cause that
problem. After removing the personal FW I got disconnected by remote host errors
and found that the guy setting up the remote clients fat fingered the
preshare key on the client. Now all is good.
I took at look into
the link you sent me, and I configured my events, but I am unable to connect
locally. I believe there might be an issue on my Internet facing
router.
-----Original
Message-----
From: Steve
Smith [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 03, 2002 2:43
PM
To: Groomes, Jay; ecklesd;
[EMAIL PROTECTED]
Subject: RE: Cisco VPN 3000
Concentrator
If you
load the client on your pc locally can you connect? If so you know it is a
port issue somewhere wheather it is you FW or an ISP block VPN/ESP/AH type
stuff. I know some do.
-----Original
Message-----
From: Groomes,
Jay [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 03, 2002 1:18
PM
To: Steve Smith;
ecklesd; [EMAIL PROTECTED]
Subject: RE: Cisco VPN 3000
Concentrator
No
software FW are running on the clients, I also read that information on an
online forum.
Also,
Yes… we have tried changing the port to use 10000… One question, that is UDP
10000, not TCP 10000, correct?
-----Original
Message-----
From: Steve
Smith [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 03, 2002 2:15
PM
To: Groomes, Jay;
ecklesd; [EMAIL PROTECTED]
Subject: RE: Cisco VPN 3000
Concentrator
Is
there any FW on these clients? I had some folks with the same error and it
was because they had personal firewalls on their pc or in
between.
Also,
Have you tried changing it to use port 10000 instead of
default.
-----Original
Message-----
From:
Groomes, Jay [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 03, 2002 1:04
PM
To: ecklesd;
[EMAIL PROTECTED]
Subject: RE: Cisco VPN 3000
Concentrator
Lance,
Thanks for the
reply. No, our network does not have Beos systems running on our
network. And I’m sure that the clients are not running the
newsreader as well.
We
currently have the Cisco 3005 Concentrator, and we are running version
3.5.2 on the Concentrator, and version 3.5 on the
clients.
Jay
-----Original
Message-----
From:
ecklesd [mailto:[EMAIL PROTECTED]]
Sent: Wednesday, April 03, 2002 1:57
PM
To: Groomes, Jay;
[EMAIL PROTECTED]
Subject: Re: Cisco VPN 3000
Concentrator
Do you have Beos
systems running on your network? Beos newsreader clients use the
bnews service.
"Duplicate first
packet detected" message happens when the transition from IKE and
AUTH phases gets corrupted
usually because the client can't use
protocols and ports to establish the session. What version of the VPN 3000
do you have? Upgrading to version 3.0 or greater should solve this
problem if you are running an older version.
----- Original
Message -----
Sent:
Wednesday, April 03, 2002 12:56 PM
Subject:
Cisco VPN 3000 Concentrator
All,
I am having a
problem getting the VPN 3000 Concentrator to authenticate users to our
network. The user are using a dial-up connection in order to VPN
in, but they are receiving the error, “Remote Peer has lost
connection” I have searched through the firewall logs and saw that
is does accept IKE traffic, but it denies bnews traffic. What is
the bnews service?
Also, I check
the VPN logs, and it states the error, “Duplicate first
packet detected!” Is there a fix for this
error? And what does this error mean? Could it the problems reside
on the ISP side?
All help is
greatly appreciated!
Jay
|
