Want to win a PS4? Go Premium and enter to win our High-Tech Treats giveaway. Enter to Win

x
?
Solved

Cisco VPN Concentrator 3000 - lost lan-to-lan sessions after reboot. Please help!

Posted on 2004-08-17
7
Medium Priority
?
626 Views
Last Modified: 2010-04-11
Hi there,

We had a little power surge and lost our connection to one of our sites. (other sites were ok). I decided to reboot the concentrator and cannot reconnect the lan-to-lan sessions for any of our sites now. I simply thought everything would come back on-line, well at least the sites that were working fine but this was not the case.

How do i re-establish lan-to-lan connections on the Cisco VPN Concentrator 3000?

Please help!
0
Comment
Question by:Fernando
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 10

Expert Comment

by:ngravatt
ID: 11821356
check:
Configuration | Tunneling and Security | IPSec | LAN-to-LAN

are the entries still there?

If so, disable, then re-enable them.  
0
 

Author Comment

by:Fernando
ID: 11822285
There is no option to disable or re-enable.

Under Configuration i have; |System||Tunneling Protocols||IPSEC||Lan-to-Lan|.

Then: |Add||Modify| & |Delete|

The 3 sites are listed and settings are all good. 2 of the 3 have come back on since I last posted but I would assume it was because a connection was requested from the remote sites themselves. I need to logon to the one that's still down.

- Melbourne
- Brisbane

...were up before reboot.

NZ went down after power surge.

- NZ
- Brisbane

...are back online now.

Melbourne is still down.

I'm a bit sleepy and tired atm, so please excuse my description... :)
0
 
LVL 10

Expert Comment

by:ngravatt
ID: 11823565
if you select Melbourne and then click modify, you can have the option to disable or enable the connection.  I am not sure that this will work, but i thought that that might initailize the connection.
0
Simplify Your Workload with One Tool

How do you combat today’s intelligent hacker while managing multiple domains and platforms? By simplifying your workload with one tool. With Lunarpages hosting through Plesk Onyx, you can:

Automate SSL generation and installation with two clicks
Experience total server control

 

Expert Comment

by:chrisdixon
ID: 11843886
as ngravatt said above, there should be a tickbox at the top of the conguration page for each LAN-LAN tunnel
(system->tunneling protocols->ipsec->LAN to LAN select a tunnel then 'modify').
Having said that, if your box had been corrupted in any way, the chances are that nothing would work!

LAN-LAN tunnels only come up if traffic destined for them actually hits the VPN concentrator. The best way to get your tunnels up is to 'ping' devices on the remote sites from a local PC, whilst refershing the 'Monitoring-Sessions' page to see if the connections are being made.
0
 

Author Comment

by:Fernando
ID: 11848130
Eventually Melbourne was back up when I returned in the morning. Either way, if it happens again...

What do I ping? An internal IP on the remote site or the external internet IP of the remote site?

I have Current Software Revision:
Cisco Systems, Inc./VPN 3000 Concentrator Version 3.6.7.B Feb 27 2003 21:27:06

I don't have that option you are both referring to. Is this an OLD version? Is updating the software when everything is working fine recommended?

Thanks
0
 

Expert Comment

by:chrisdixon
ID: 11850039
To initiate the Tunnel (in the absence of any 'normal' LAN to LAN traffic which will kick the tunnel into life for you), ping a device in the remote LAN from a PC in your LAN. You have to send some traffic over the tunnel.

Your VPN3000 software isn't *too* old, but newer versions are available. We are running version 4.1.5, which also supports 'clientless' SSL VPN sessions (AKA WebVPN). Upgrading the OS won't do any harm.
0
 
LVL 10

Accepted Solution

by:
ngravatt earned 1500 total points
ID: 11851934
yeah, i am using
Cisco Systems, Inc./VPN 3000 Concentrator Version 4.1.4.Rel Apr 28 2004 18:31:58

yes it is reccommended to update when everything is working fine.  This will ensure that you do not have any more problems in the future.
0

Featured Post

VIDEO: THE CONCERTO CLOUD FOR HEALTHCARE

Modern healthcare requires a modern cloud. View this brief video to understand how the Concerto Cloud for Healthcare can help your organization.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
Tech spooks aren't just for those who are tech savvy, it also happens to those of us running a business. Check out the top tech spooks for business owners.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
Monitoring a network: how to monitor network services and why? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the philosophy behind service monitoring and why a handshake validation is critical in network monitoring. Software utilized …
Suggested Courses

636 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question