VNC pass trough Cisco VPN Client with a LinkSys Firewall/Router

Posted on 2004-11-09
Last Modified: 2013-11-16
I have a LinkSys Firewall/Router and have a Cisco VPN Client installed on my PC.  I am trying to remotely support a remote PC but get a "Failed to connect to server".  On another PC I have, Shiva VPN Client is installed.  On that second PC, with the same Firewall/Router, I am able to support a remote PC at my office (another site backed with a Shiva Gateway).  Based on this "functionality", I expect my LinkSys Firewall/Router properly configured because Shiva VPN Client allow TightVNC to work.  However, I get no functionality when trying to use VNC at a site backed with a Cisco VPN Server.  Any ideas?
Question by:Alain_Labelle_Ing
    LVL 36

    Expert Comment

    Hi Alain_Labelle_Ing,
    Are both VPN's using IPSEC?

    On the Linksys all you normally need to do is enable the 'IPSEC Passthru' option and it just works. I use one connecting to a Cisco PIX myself.
    You might wish to check to see if there is newer formware for the Linksys as early versions had a few bugs.
    LVL 79

    Accepted Solution

    If I understand you correctly, you have two very different scenarios:
       PC w/Cisco VPN --> Linksys   ----------->Client VPN 3000 Concentrator ----->VNC Host = Fail
       PC w/Shiva VPN --> Linksys  ----------->Shiva Gateway ------>VNC Host = OK

    If the above is correct, then the issue is on the 3000 concentrator. That box has myriad capabilities to limit your activities on the remote LAN, and the VNC ports may be restricted. It could also be a routing entry needed on the VNC Host to route your VPN client subnet to the VPN3000 rather than its normal default gateway.


    Featured Post

    IT, Stop Being Called Into Every Meeting

    Highfive is so simple that setting up every meeting room takes just minutes and every employee will be able to start or join a call from any room with ease. Never be called into a meeting just to get it started again. This is how video conferencing should work!

    Join & Write a Comment

    Wikipedia defines 'Script Kiddies' in this informal way: "In hacker culture, a script kiddie, occasionally script bunny, skiddie, script kitty, script-running juvenile (SRJ), or similar, is a derogatory term used to describe those who use scripts or…
    The DROP (Spamhaus Don't Route Or Peer List) is a small list of IP address ranges that have been stolen or hijacked from their rightful owners. The DROP list is not a DNS based list.  It is designed to be downloaded as a file, with primary intention…
    This video discusses moving either the default database or any database to a new volume.
    This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor ( If you're looking for how to monitor bandwidth using netflow or packet s…

    734 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    25 Experts available now in Live!

    Get 1:1 Help Now