VPN with hard wire works... VPN with wireless does not
Posted on 2006-05-31
I just took a new position at work supporting our VPN client. Since I started 3 weeks ago, I have received multiple (more than 10) calls from people who are using VPN to connect to the corporate network but do not have access network resources.
To give you the low down the configuration looks something like this:
Users are connecting via Cisco VPN Client v4.8 running on Windows XP Professional. Each user has a different laptop - all Dell except 1 IBM. All are on thier home networks, which are ALL on COMCAST cable networks, but using different routers (some Linksys, some d-link, you get the picture). The strange thing is, all people are having the same problem. If they try to VPN from home over thier wireless Comcast networks, they connect to the company and get an IP address from the corporate network, but get no connectivity to network resouces. If they VPN using a hard wired connection directly to thier router, they connect with no problem.
The strange thing about this is, if these same users who are experiencing difficulty at home go to an open network (i.e. Starbucks or Panera, or even our company wireless outernet connection) the VPN allows them to connectivity with no problem, with connectivity to network resouces.
Another weird thing about this is, I'm using Comcast Cable and have no problem at all. I use the same company configuration on my laptop and don't have a problem ~ so it's very hard for me to test why this is happening.
I have one of the users working with me to determine why this may be happening ~ she was nice enough to send me a log file along with statistics from the Cisco VPN Client. There were some weird stats ~ for example, when she is using Tunnel All, if I look under Statistics and choose the Tunnel Details tab, there are quite a number of packets encrypted, but no packets decrypted and 29,812 bytes sent, but only 259 bytes received. Moving on to the Route Details tab there should be a list of Secured Routes, yet there are none. Split Tunnel provides different statistics under packet encrypted there are 543, and decrypted 94 ~ bytes received ther are 29,248 and bytes sent is 54,178. The Secured Routes at least has the correct routing table in it.
When I look at the statistics on my system and the VPN connection is working properly, the ratio between packets encrypted/decrypted is very similar, as well as with bytes sent/received.
Has anyone seen this issue? Is there a setting I can change either on the wireless router end or VPN end to allow my users to connect to thier resources when VPN'd over Comcast wireless into the corporate network?