Solved

VPN Client Network Mask

Posted on 2004-08-14
8
495 Views
Last Modified: 2013-11-16
I have a Cisco VPN Concentrator 3000 series. I use Cisco VPN clients v4.x to connect. I am using a configured pool of addresses to dole out to the clients when they connect. I want the clients to get a specific mask as well but I am missing something.

I have defined a mask in the group configuration but my clients still get a mask based on the class of my IP pool.

How can I define a subnet mask for my VPN clients?
0
Comment
Question by:mousers
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 4
  • 4
8 Comments
 
LVL 79

Expert Comment

by:lrmoore
ID: 11802878
What version OS do you have on the 3000? I just upgraded one to 4.1.5 this morning and noticed that there is now a subnet mask setting for the address pool..
0
 

Author Comment

by:mousers
ID: 11803979
I have v4.0.1D. I'll try to grab the IOS and try to perform the upgrade tonight. Any gotchas you came accross?
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 11809928
If you're using OSPF routing, I've found a glitch in the reverse rout injection.
Otherwise, it took all of 5 minutes.
Do you have any LAN-LAN tunnels set up, specifically to an IOS router? You might have to modify the router's config to add an isakmp keepalive. I found that out going from 4.0 to 4.1 a while back..
0
Easy, flexible multimedia distribution & control

Coming soon!  Ideal for large-scale A/V applications, ATEN's VM3200 Modular Matrix Switch is an all-in-one solution that simplifies video wall integration. Easily customize display layouts to see what you want, how you want it in 4k.

 

Author Comment

by:mousers
ID: 11810114
I have 4 LAN-LAN tunnels. I am trying to get the new IOS from Cisco TAC right now.
0
 
LVL 79

Expert Comment

by:lrmoore
ID: 11810407
If your LAN-LAN tunnel terminates on a router, then you will need to add this command to the router.
isakmp keepalive 30

Else, the VPN will come up for a couple minutes then drop.

0
 

Author Comment

by:mousers
ID: 11811080
The remote end of the tunnel is a PIX 506e. I do seem to have problems with VPN clients having their connection dropped but the LAN-LAN tunnels seem ok.
0
 
LVL 79

Accepted Solution

by:
lrmoore earned 250 total points
ID: 11811411
What version clients? I think there is a caveat that only 3.6+ is supported.
Highly suggest clients use 4.x
0
 

Author Comment

by:mousers
ID: 11813893
Thanks for the help. I have some remote offices who are in the middle of a big project so I'm not going to be able to do the upgrade till Thursday evening. I do have a work around for my delima until then.

Thanks again.
0

Featured Post

Free Tool: Site Down Detector

Helpful to verify reports of your own downtime, or to double check a downed website you are trying to access.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Data center, now-a-days, is referred as the home of all the advanced technologies. In-fact, most of the businesses are now establishing their entire organizational structure around the IT capabilities.
When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…

710 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question