Solved

VPN Client Network Mask

Posted on 2004-08-14
8
509 Views
Last Modified: 2013-11-16
I have a Cisco VPN Concentrator 3000 series. I use Cisco VPN clients v4.x to connect. I am using a configured pool of addresses to dole out to the clients when they connect. I want the clients to get a specific mask as well but I am missing something.

I have defined a mask in the group configuration but my clients still get a mask based on the class of my IP pool.

How can I define a subnet mask for my VPN clients?
0
Comment
Question by:mousers
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 11802878
What version OS do you have on the 3000? I just upgraded one to 4.1.5 this morning and noticed that there is now a subnet mask setting for the address pool..
0
 

Author Comment

by:mousers
ID: 11803979
I have v4.0.1D. I'll try to grab the IOS and try to perform the upgrade tonight. Any gotchas you came accross?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 11809928
If you're using OSPF routing, I've found a glitch in the reverse rout injection.
Otherwise, it took all of 5 minutes.
Do you have any LAN-LAN tunnels set up, specifically to an IOS router? You might have to modify the router's config to add an isakmp keepalive. I found that out going from 4.0 to 4.1 a while back..
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:mousers
ID: 11810114
I have 4 LAN-LAN tunnels. I am trying to get the new IOS from Cisco TAC right now.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 11810407
If your LAN-LAN tunnel terminates on a router, then you will need to add this command to the router.
isakmp keepalive 30

Else, the VPN will come up for a couple minutes then drop.

0
 

Author Comment

by:mousers
ID: 11811080
The remote end of the tunnel is a PIX 506e. I do seem to have problems with VPN clients having their connection dropped but the LAN-LAN tunnels seem ok.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 250 total points
ID: 11811411
What version clients? I think there is a caveat that only 3.6+ is supported.
Highly suggest clients use 4.x
0
 

Author Comment

by:mousers
ID: 11813893
Thanks for the help. I have some remote offices who are in the middle of a big project so I'm not going to be able to do the upgrade till Thursday evening. I do have a work around for my delima until then.

Thanks again.
0

Featured Post

Windows Server 2016: All you need to know

Learn about Hyper-V features that increase functionality and usability of Microsoft Windows Server 2016. Also, throughout this eBook, you’ll find some basic PowerShell examples that will help you leverage the scripts in your environments!

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

628 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question