Still celebrating National IT Professionals Day with 3 months of free Premium Membership. Use Code ITDAY17

x
?
Solved

VPN Client Network Mask

Posted on 2004-08-14
8
Medium Priority
?
519 Views
Last Modified: 2013-11-16
I have a Cisco VPN Concentrator 3000 series. I use Cisco VPN clients v4.x to connect. I am using a configured pool of addresses to dole out to the clients when they connect. I want the clients to get a specific mask as well but I am missing something.

I have defined a mask in the group configuration but my clients still get a mask based on the class of my IP pool.

How can I define a subnet mask for my VPN clients?
0
Comment
Question by:mousers
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 11802878
What version OS do you have on the 3000? I just upgraded one to 4.1.5 this morning and noticed that there is now a subnet mask setting for the address pool..
0
 

Author Comment

by:mousers
ID: 11803979
I have v4.0.1D. I'll try to grab the IOS and try to perform the upgrade tonight. Any gotchas you came accross?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 11809928
If you're using OSPF routing, I've found a glitch in the reverse rout injection.
Otherwise, it took all of 5 minutes.
Do you have any LAN-LAN tunnels set up, specifically to an IOS router? You might have to modify the router's config to add an isakmp keepalive. I found that out going from 4.0 to 4.1 a while back..
0
When ransomware hits your clients, what do you do?

MSPs: Endpoint security isn’t enough to prevent ransomware.
As the impact and severity of crypto ransomware attacks has grown, Webroot has fought back, not just by building a next-gen endpoint solution capable of preventing ransomware attacks but also by being a thought leader.

 

Author Comment

by:mousers
ID: 11810114
I have 4 LAN-LAN tunnels. I am trying to get the new IOS from Cisco TAC right now.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 11810407
If your LAN-LAN tunnel terminates on a router, then you will need to add this command to the router.
isakmp keepalive 30

Else, the VPN will come up for a couple minutes then drop.

0
 

Author Comment

by:mousers
ID: 11811080
The remote end of the tunnel is a PIX 506e. I do seem to have problems with VPN clients having their connection dropped but the LAN-LAN tunnels seem ok.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 1000 total points
ID: 11811411
What version clients? I think there is a caveat that only 3.6+ is supported.
Highly suggest clients use 4.x
0
 

Author Comment

by:mousers
ID: 11813893
Thanks for the help. I have some remote offices who are in the middle of a big project so I'm not going to be able to do the upgrade till Thursday evening. I do have a work around for my delima until then.

Thanks again.
0

Featured Post

Optimum High-Definition Video Viewing and Control

The ATEN VM0404HA 4x4 4K HDMI Matrix Switch supports 4K resolutions of UHD (3840 x 2160) and DCI (4096 x 2160) with refresh rates of 30 Hz (4:4:4) and 60 Hz (4:2:0). It is ideal for applications where the routing of 4K digital signals is required.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
WARNING:   If you follow the instructions here, you will wipe out your VTP and VLAN configurations.  Make sure you have backed up your switch!!! I recently had some issues with a few low-end Cisco routers (RV325) and I opened a case with Cisco TA…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…
In this brief tutorial Pawel from AdRem Software explains how you can quickly find out which services are running on your network, or what are the IP addresses of servers responsible for each service. Software used is freeware NetCrunch Tools (https…
Suggested Courses

722 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question