Solved

Cisco VPN Concentrator 3000 - lost lan-to-lan sessions after reboot. Please help!

Posted on 2004-08-17
7
620 Views
Last Modified: 2010-04-11
Hi there,

We had a little power surge and lost our connection to one of our sites. (other sites were ok). I decided to reboot the concentrator and cannot reconnect the lan-to-lan sessions for any of our sites now. I simply thought everything would come back on-line, well at least the sites that were working fine but this was not the case.

How do i re-establish lan-to-lan connections on the Cisco VPN Concentrator 3000?

Please help!
0
Comment
Question by:Fernando
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 3
  • 2
  • 2
7 Comments
 
LVL 10

Expert Comment

by:ngravatt
ID: 11821356
check:
Configuration | Tunneling and Security | IPSec | LAN-to-LAN

are the entries still there?

If so, disable, then re-enable them.  
0
 

Author Comment

by:Fernando
ID: 11822285
There is no option to disable or re-enable.

Under Configuration i have; |System||Tunneling Protocols||IPSEC||Lan-to-Lan|.

Then: |Add||Modify| & |Delete|

The 3 sites are listed and settings are all good. 2 of the 3 have come back on since I last posted but I would assume it was because a connection was requested from the remote sites themselves. I need to logon to the one that's still down.

- Melbourne
- Brisbane

...were up before reboot.

NZ went down after power surge.

- NZ
- Brisbane

...are back online now.

Melbourne is still down.

I'm a bit sleepy and tired atm, so please excuse my description... :)
0
 
LVL 10

Expert Comment

by:ngravatt
ID: 11823565
if you select Melbourne and then click modify, you can have the option to disable or enable the connection.  I am not sure that this will work, but i thought that that might initailize the connection.
0
Report: Liquid Web beats Amazon, Rackspace & More

A study by performance analyst firm Cloud Spectator finds that Liquid Web beats rivals Amazon, Rackspace and DigitalOcean when it comes to website and cloud application performance.

 

Expert Comment

by:chrisdixon
ID: 11843886
as ngravatt said above, there should be a tickbox at the top of the conguration page for each LAN-LAN tunnel
(system->tunneling protocols->ipsec->LAN to LAN select a tunnel then 'modify').
Having said that, if your box had been corrupted in any way, the chances are that nothing would work!

LAN-LAN tunnels only come up if traffic destined for them actually hits the VPN concentrator. The best way to get your tunnels up is to 'ping' devices on the remote sites from a local PC, whilst refershing the 'Monitoring-Sessions' page to see if the connections are being made.
0
 

Author Comment

by:Fernando
ID: 11848130
Eventually Melbourne was back up when I returned in the morning. Either way, if it happens again...

What do I ping? An internal IP on the remote site or the external internet IP of the remote site?

I have Current Software Revision:
Cisco Systems, Inc./VPN 3000 Concentrator Version 3.6.7.B Feb 27 2003 21:27:06

I don't have that option you are both referring to. Is this an OLD version? Is updating the software when everything is working fine recommended?

Thanks
0
 

Expert Comment

by:chrisdixon
ID: 11850039
To initiate the Tunnel (in the absence of any 'normal' LAN to LAN traffic which will kick the tunnel into life for you), ping a device in the remote LAN from a PC in your LAN. You have to send some traffic over the tunnel.

Your VPN3000 software isn't *too* old, but newer versions are available. We are running version 4.1.5, which also supports 'clientless' SSL VPN sessions (AKA WebVPN). Upgrading the OS won't do any harm.
0
 
LVL 10

Accepted Solution

by:
ngravatt earned 500 total points
ID: 11851934
yeah, i am using
Cisco Systems, Inc./VPN 3000 Concentrator Version 4.1.4.Rel Apr 28 2004 18:31:58

yes it is reccommended to update when everything is working fine.  This will ensure that you do not have any more problems in the future.
0

Featured Post

Free learning courses: Active Directory Deep Dive

Get a firm grasp on your IT environment when you learn Active Directory best practices with Veeam! Watch all, or choose any amount, of this three-part webinar series to improve your skills. From the basics to virtualization and backup, we got you covered.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Unable to access VM console from vSphere ? 2 101
New CLI Commands Needed for Cisco ASA 5506 5 64
Can i use a GC as a DC? 7 74
Recommended raid configuration for ESXi host 7 94
For many of us, the  holiday season kindles the natural urge to give back to our friends, family members and communities. While it's easy for friends to notice the impact of such deeds, understanding the contributions of businesses and enterprises i…
Most of the applications these days are on Cloud. Cloud is ubiquitous with many service providers in the market. Since it has many benefits such as cost reduction, software updates, remote access, disaster recovery and much more.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

732 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question