VPN Issue with Bluefire VPN client on PocketPC (8125) connecting to Cisco VPN 3000 Concentrator

I'm having an issue with the bluefire VPN client on my pocket pc.  I'm connecting to a Cisco VPN 3000 Concentrator.   I believe that I have all of the client settings correct because I'm able to authenticate with the concentrator and connect just fine.  The problem is that sometimes I can receive an IP and sometimes I can't.   Even if I receive an IP I still can't connect to any of my terminal servers.  I can't even ping them.   I'm using a utility called pocketping on my handheld for troubleshooting.   Does anyone have any ideas?  Thanks.
cogentsystemsAsked:
Who is Participating?
 
naveedbConnect With a Mentor Commented:
That is only applicable to Cisco VPN Client so please ignore it.

I have no experience of using BLUEFIRE vpn client. Since you are able to connect from other machines, there is nothing that we can do on the concentrator end.

You may find better luck with with contacting bluefire directly with this. This may be the fastest way as I do not see any other posts on EE about bluefire client.

If  you want to pursue further, please post your output from the following files:

bffl_log, bfike_log, and bfvpn_log.

According to bluefire documentation the log files are located in Start > Programs > File Explorer > Program Files >
Bluefire > VPN > Logs.

We can have a look at them to see if any information is available to troubleshoot further.
0
 
naveedbCommented:
Do you have access to the conentrator? Can you look the status of tunnel when you are connected?
0
 
cogentsystemsAuthor Commented:
Here is the information that I received from my log:

45809 05/02/2006 09:42:58.680 SEV=4 IKE/52 RPT=20468 <external IP>
Group [<authentication group>] User [<username>]
User [<username>] authenticated.
 
45810 05/02/2006 09:43:07.140 SEV=4 AUTH/22 RPT=20394
User [<username>],Group [<authentication group>] connected
 
45811 05/02/2006 09:43:07.140 SEV=4 IKE/119 RPT=20499 <external IP>
Group [<authentication group>] User [<username>]
PHASE 1 COMPLETED
 
45812 05/02/2006 09:43:07.140 SEV=5 IKE/25 RPT=22542 <external IP>
Group [<authentication group>] User [<username>]
Received remote Proxy Host data in ID Payload:
Address <internal IP assigned from address pool>, Protocol 0, Port 0
 
45815 05/02/2006 09:43:07.140 SEV=5 IKE/34 RPT=21089 <external IP>
Group [<authentication group>] User [<username>]
Received local IP Proxy Subnet data in ID Payload:
 Address 0.0.0.0, Mask 0.0.0.0, Protocol 0, Port 0
 
45818 05/02/2006 09:43:07.140 SEV=5 IKE/66 RPT=22534 <external IP>
Group [<authentication group>] User [<username>]
IKE Remote Peer configured for SA: ESP-3DES-MD5
 
45819 05/02/2006 09:43:07.970 SEV=4 IKE/49 RPT=22874 <external IP>
Group [<authentication group>] User [<username>]
Security negotiation complete for User [<username>]
Responder, Inbound SPI = 0x0e1b903e, Outbound SPI = 0xc2bb9827
 
45822 05/02/2006 09:43:07.990 SEV=4 IKE/120 RPT=22877 <external IP>
Group [<authentication group>] User [<username>]
PHASE 2 COMPLETED (msgid=c2bb9827)

The IP on my device doesn't change, even though the VPN log shows that I was assigned an internal address.  

My remote access session shows my pocketpc as being connected with an internally assigned IP.  Everything looks the same as the other remote users connections except that the Protocol encryption says IPSEC instead of IPSEC/UDP like the other users.

Thanks.
0
Never miss a deadline with monday.com

The revolutionary project management tool is here!   Plan visually with a single glance and make sure your projects get done.

 
naveedbCommented:
Other users? Are they able to connect and work?

How do you connect to the concentrator, using CISCO VPN Client?
0
 
cogentsystemsAuthor Commented:
All of my other users are able to connect just fine.   My employees are all using a Cisco VPN client.   I just received this pocketpc as a demo so I can see how it functions with my terminal servers, but I can't get the VPN to work properly.   Thanks.
0
 
naveedbCommented:
Are you able to use the same username/password on another machine and it works fine?

After you are connected, can you click on the status of VPN client, see if packets are being sent/received?

What do you see in the secured networks?



0
 
cogentsystemsAuthor Commented:
I'm able to use the same username and password on any other machine.   I'm only having an issue with the bluefire vpn client on my pocketpc.

After I'm connected I don't see any bytes being sent or received even if I attempt to connect to my terminal server.  

I'm not sure what you mean by secured networks.

Thanks.
0
 
cogentsystemsAuthor Commented:
I found out what the problem was.   The device was setup by default to use the AP ASN wap.cingular.  Aparently there are some known issues with this AP not playing nice with VPN connections.   After changing it to isp.cingular everything was working fine.   Thanks for your help.
0
All Courses

From novice to tech pro — start learning today.