PIX515 connection problem

hi i have a cisco pix 515

when we are connecting from home, we have no problem to access the vpn

but when we go in hotel and that we connect on wireless network, we are receiving the error 412

"Secure VPN Connection terminated locally by the client
Reason 412: The remote peer is no longer responding"

i did some test from home with our wireless router and i had the same error if i disabled "IPSec Passthrough"

So is there a way to bypass IPSec Passthrough when we are in hotel ???

thanks for your help

Jac
Jean-François GuénetNetwork AdministratorAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

microrCommented:
how is the pix configured for vpn? cisco vpn or l2tp/pptp vpn?
0
rsivanandanCommented:
Configuration of the PIX with vital information masked would help.

Cheers,
Rajesh
0
JoesmailCommented:
The hotel is where things are being blocked.  The PIX is working fine.

I think you already know it's the hotel not allowing IPSEC traffic to pass through.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Powerful Yet Easy-to-Use Network Monitoring

Identify excessive bandwidth utilization or unexpected application traffic with SolarWinds Bandwidth Analyzer Pack.

rsivanandanCommented:
Then you should be talking to the Hotel Guys, isn't it ? I mean, what solution can be given for something nobody has access except for the Hotel Guys???

Cheers,
Rajesh
0
Jean-François GuénetNetwork AdministratorAuthor Commented:
No but i can'T go to every hotel ans ask them to allow IPSec :)

There's nothing we can do to by pass this ????
0
rsivanandanCommented:
Thats the reason why I wanted to see the PIX config, just to make sure there is nothing wrong or if there is something that needs to be there :-)

Why would the hotel guys block IPSEC passthrough? I am trying to think here, because most of the travelling employees use IPSec now, so wanted to make sure if it is just a coincidence at your home (I mean if it is really an IPSec passthrough issue). The error 412 could even come if you are not connected at all :-) Just a very basic error message it is!

Cheers,
Rajesh
0
Jean-François GuénetNetwork AdministratorAuthor Commented:
yeah i would like to post the pix configuration but i can't....the cie dont want

maybe you can check the webpage http://www.greghughes.net/rant/UseCiscoVPNClientOnTCP443Or80ToSolveConnectivityProblems.aspx

and tell me what you think of that

i tried to connect to pix with that option on port 443 and 80 but it still don't work

is there a command on the pix we have to do to be able to connect to it throw port 443 or 80

Thanks
0
microrCommented:
a PIX wont respond to PDM ( i think thats what you mean - the GUI) unless the "http server enable" command is given from the command line / console and even then you have to specify what hosts/subnets can then connect to the PDM. as has been asked before we need the config of the PIX - if you can console in and do a "sh run" and post details that would be great.

andy
0
rsivanandanCommented:
Ok. let me ask you this. Were any of the employees able to connect to the PIX from any of the hotels? or is it specific hotels?

Cheers,
Rajesh
0
Jean-François GuénetNetwork AdministratorAuthor Commented:
rsivanandan:
User cannot log in from evry hotel that tried
It's seem to be because IPsec passthrought is not enable in the hotel
0
rsivanandanCommented:
okay. I guess you can't do much now. What you can try is to get some of those wireless cards and stop using the hotel connection.

Cheers,
Rajesh
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Software Firewalls

From novice to tech pro — start learning today.