What rules have you defined for the group in question? If it is like the 3015 you may need to setup inbound and outbound rules. Have you defined "Split-tunneling" and setup your private networks as the only encryption domains. this will keep the clients from sending their internet traffic through the encrypted tunnel. I do not know of this bnews you speak of, and neither does Cisco (Results for: bnews of about 0. Search took 0.00175 seconds.)? Perhaps providing the actual error message from your logs would have been useful? http://www.cisco.com/univercd/cc/td/doc/product/vpn/vpn3000/rel3_5_1/ind ex.htm
The duplicate first packet has usually been a side affect of tunneling from behind NAT. Are you using UDP or TCP encapsulation? This can help get around ISP Filtering as well. The 3.5.2 version should support both. Ken Claussen MCSE CCNA CCA "In Theory it should work as you describe, but the difference between theory and reality is the truth! For this we all strive" -----Original Message----- From: Groomes, Jay [mailto:[EMAIL PROTECTED]] Sent: Wednesday, April 03, 2002 12:57 PM To: [EMAIL PROTECTED] Subject: Cisco VPN 3000 Concentrator All, I am having a problem getting the VPN 3000 Concentrator to authenticate users to our network. The user are using a dial-up connection in order to VPN in, but they are receiving the error, "Remote Peer has lost connection" I have searched through the firewall logs and saw that is does accept IKE traffic, but it denies bnews traffic. What is the bnews service? Also, I check the VPN logs, and it states the error, "Duplicate first packet detected!" Is there a fix for this error? And what does this error mean? Could it the problems reside on the ISP side? All help is greatly appreciated! Jay _______________________________________________ Firewalls mailing list [EMAIL PROTECTED] http://lists.gnac.net/mailman/listinfo/firewalls
