We help IT Professionals succeed at work.

PIX515 connection  problem

Medium Priority
248 Views
Last Modified: 2013-11-16
hi i have a cisco pix 515

when we are connecting from home, we have no problem to access the vpn

but when we go in hotel and that we connect on wireless network, we are receiving the error 412

"Secure VPN Connection terminated locally by the client
Reason 412: The remote peer is no longer responding"

i did some test from home with our wireless router and i had the same error if i disabled "IPSec Passthrough"

So is there a way to bypass IPSec Passthrough when we are in hotel ???

thanks for your help

Jac
Comment
Watch Question

Commented:
how is the pix configured for vpn? cisco vpn or l2tp/pptp vpn?
Configuration of the PIX with vital information masked would help.

Cheers,
Rajesh
Commented:
The hotel is where things are being blocked.  The PIX is working fine.

I think you already know it's the hotel not allowing IPSEC traffic to pass through.

Not the solution you were looking for? Getting a personalized solution is easy.

Ask the Experts
Then you should be talking to the Hotel Guys, isn't it ? I mean, what solution can be given for something nobody has access except for the Hotel Guys???

Cheers,
Rajesh
Jean-François GuénetNetwork Administrator

Author

Commented:
No but i can'T go to every hotel ans ask them to allow IPSec :)

There's nothing we can do to by pass this ????
Thats the reason why I wanted to see the PIX config, just to make sure there is nothing wrong or if there is something that needs to be there :-)

Why would the hotel guys block IPSEC passthrough? I am trying to think here, because most of the travelling employees use IPSec now, so wanted to make sure if it is just a coincidence at your home (I mean if it is really an IPSec passthrough issue). The error 412 could even come if you are not connected at all :-) Just a very basic error message it is!

Cheers,
Rajesh
Jean-François GuénetNetwork Administrator

Author

Commented:
yeah i would like to post the pix configuration but i can't....the cie dont want

maybe you can check the webpage http://www.greghughes.net/rant/UseCiscoVPNClientOnTCP443Or80ToSolveConnectivityProblems.aspx

and tell me what you think of that

i tried to connect to pix with that option on port 443 and 80 but it still don't work

is there a command on the pix we have to do to be able to connect to it throw port 443 or 80

Thanks

Commented:
a PIX wont respond to PDM ( i think thats what you mean - the GUI) unless the "http server enable" command is given from the command line / console and even then you have to specify what hosts/subnets can then connect to the PDM. as has been asked before we need the config of the PIX - if you can console in and do a "sh run" and post details that would be great.

andy
Ok. let me ask you this. Were any of the employees able to connect to the PIX from any of the hotels? or is it specific hotels?

Cheers,
Rajesh
Jean-François GuénetNetwork Administrator

Author

Commented:
rsivanandan:
User cannot log in from evry hotel that tried
It's seem to be because IPsec passthrought is not enable in the hotel
okay. I guess you can't do much now. What you can try is to get some of those wireless cards and stop using the hotel connection.

Cheers,
Rajesh
Access more of Experts Exchange with a free account
Thanks for using Experts Exchange.

Create a free account to continue.

Limited access with a free account allows you to:

  • View three pieces of content (articles, solutions, posts, and videos)
  • Ask the experts questions (counted toward content limit)
  • Customize your dashboard and profile

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.