Solved

Cisco VPN and Windows XP

Posted on 2011-02-18
13
709 Views
Last Modified: 2012-05-11
I have two clients connecting via Cisco VPN client Version 5. They are both behind the same router. One of them is running Windows Vist 64 bit and one is running Windows XP. The Vista client can connect to our network but the XP machine cannot. The Windows Firewall is off on both machines. Any clues.
0
Comment
Question by:farmsm77
  • 6
  • 3
  • 2
  • +1
13 Comments
 
LVL 6

Expert Comment

by:RaithZ
ID: 34927365
What error is the Windows XP client getting?  One of the big things with the Cisco VPN client is that you can't have any of your network connections shared via Internet Connection Sharing.  Any chance they have that setup and don't realize it?
0
 
LVL 33

Expert Comment

by:MikeKane
ID: 34927477
Are both trying to connect at the same time?    

IF the vista machine is powered off, can the XP machine connect?  

What error is displayed on XP when the fail to connect happens?    

Are the vista and XP both using the same auth method and Policy for conenction?  
0
 
LVL 4

Expert Comment

by:Allvirtual
ID: 34927618
Can you post the client log?
0
 

Author Comment

by:farmsm77
ID: 34927624
The XP machine is getting no error message. In fact, the VPN tunnel is connected (the lock is locked) but resources behind the VPN server are inaccessible. The XP machine is not using Internest Connection Sharing.

The Vista machine does not appear to be having any issues. Multiple users connecting through the same router to our firewall is not uncommon and has worked fine with different clients in the past. It just appears to be that this one XP client is having trouble.
0
 

Author Comment

by:farmsm77
ID: 34927685
The VPN log is showing nothing. Anywhere else I should be looking?
0
 
LVL 4

Accepted Solution

by:
Allvirtual earned 125 total points
ID: 34927788
Yes. Do you have other VPN clients installed on this machine?
Check if the Windows IPsec/IKE services are running. If so stop and disable them.
What AV/Internet Security software are you using? Could be this is blocking the traffic. Either configure the software correctly or disable/uninstall it.
0
Comprehensive Backup Solutions for Microsoft

Acronis protects the complete Microsoft technology stack: Windows Server, Windows PC, laptop and Surface data; Microsoft business applications; Microsoft Hyper-V; Azure VMs; Microsoft Windows Server 2016; Microsoft Exchange 2016 and SQL Server 2016.

 
LVL 33

Expert Comment

by:MikeKane
ID: 34927821
Another thought, When the XP is connected, what host are you trying to access on the other LAN?    What service are you trying to connect into.  

If the XP shows the yellow lock, then the tunnel has been built.    This could be an issue with DNS resolution perhaps, or a bad gateway, or a problem with AV/firewall as Allvirtual mentioned.    

0
 

Author Comment

by:farmsm77
ID: 34927902
There are no other VPNs on this machine.

I am using ESET Smart Security. All my clients use this same AV with no issues.

I tried shutting down the Windows IPSEC service. No change, the remote resources are not available.

Tried to ping the inside interface of the VPN server, no good. Tried connecting using RDP, no good.
0
 

Author Comment

by:farmsm77
ID: 34927906
As far as ESET is concerned, I shut it down and tried to connect; still no good.
0
 
LVL 6

Expert Comment

by:RaithZ
ID: 34927950
Are both clients using the same connection settings within the VPN client, such as allow local lan bypass etc?  If the Vista client exports his connection file and then its imported into the windows xp client, does it still have the same issue?  
0
 
LVL 4

Expert Comment

by:Allvirtual
ID: 34927989
If you had Windows IPsec services running you need to Disable the service and reboot the computer. Then try.
Also maybe try a different client. Try downloading the NCP Secure Entry Client http://www.ncp-e.com. It's fully functional for 30 days plus they give full support for the trial. You must uninstall the Cisco client before! Save your .pcf connection profile because the NCP client will allow you to import that profile. The NCP client has much better debugging capabilities. Much more professional software then the Cisco stuff.
0
 

Author Comment

by:farmsm77
ID: 34929428
Disabling the IPSEC service did not seem to fix anything. However, I did notice that on the XP machine. the Log On credentials for the IPSEC service is different from the Vista machine. The XP machine uses the local account and the Vista machine logs on using the Network Service account. I tried changing this on the XP machine, but I do not have the password for this account and a blank password did not work.
0
 

Author Closing Comment

by:farmsm77
ID: 34945081
AV was the problem as well as file and print sharing on the wireless connection (not just the VPN connection).
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
VPN 101 - how and which protocol? 9 95
VPN protocal 18 77
Mac OS 10.12 + VPN 17 544
Windwos Server 2012 R2 NPS for Cisco ASA VPN Authentication 2 49
I've written this article to illustrate how we can implement a Dynamic Multipoint VPN (DMVPN) with both hub and spokes having a dynamically assigned non-broadcast multiple-access (NBMA) network IP (public IP). Here is the basic setup of DMVPN Pha…
When you start your Windows 10 PC and got an "Operating system not found" error or just saw  "Auto repair for startup" or a blinking cursor with black screen. A loop for Auto repair will start but fix nothing.  You will be panic as there are no back…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Windows 10 is mostly good. However the one thing that annoys me is how many clicks you have to do to dial a VPN connection. You have to go to settings from the start menu, (2 clicks), Network and Internet (1 click), Click VPN (another click) then fi…

910 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

20 Experts available now in Live!

Get 1:1 Help Now