Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 749
  • Last Modified:

Cisco VPN and Windows XP

I have two clients connecting via Cisco VPN client Version 5. They are both behind the same router. One of them is running Windows Vist 64 bit and one is running Windows XP. The Vista client can connect to our network but the XP machine cannot. The Windows Firewall is off on both machines. Any clues.
0
farmsm77
Asked:
farmsm77
  • 6
  • 3
  • 2
  • +1
1 Solution
 
RaithZCommented:
What error is the Windows XP client getting?  One of the big things with the Cisco VPN client is that you can't have any of your network connections shared via Internet Connection Sharing.  Any chance they have that setup and don't realize it?
0
 
MikeKaneCommented:
Are both trying to connect at the same time?    

IF the vista machine is powered off, can the XP machine connect?  

What error is displayed on XP when the fail to connect happens?    

Are the vista and XP both using the same auth method and Policy for conenction?  
0
 
AllvirtualCommented:
Can you post the client log?
0
Evaluating UTMs? Here's what you need to know!

Evaluating a UTM appliance and vendor can prove to be an overwhelming exercise.  How can you make sure that you're getting the security that your organization needs without breaking the bank? Check out our UTM Buyer's Guide for more information on what you should be looking for!

 
farmsm77Author Commented:
The XP machine is getting no error message. In fact, the VPN tunnel is connected (the lock is locked) but resources behind the VPN server are inaccessible. The XP machine is not using Internest Connection Sharing.

The Vista machine does not appear to be having any issues. Multiple users connecting through the same router to our firewall is not uncommon and has worked fine with different clients in the past. It just appears to be that this one XP client is having trouble.
0
 
farmsm77Author Commented:
The VPN log is showing nothing. Anywhere else I should be looking?
0
 
AllvirtualCommented:
Yes. Do you have other VPN clients installed on this machine?
Check if the Windows IPsec/IKE services are running. If so stop and disable them.
What AV/Internet Security software are you using? Could be this is blocking the traffic. Either configure the software correctly or disable/uninstall it.
0
 
MikeKaneCommented:
Another thought, When the XP is connected, what host are you trying to access on the other LAN?    What service are you trying to connect into.  

If the XP shows the yellow lock, then the tunnel has been built.    This could be an issue with DNS resolution perhaps, or a bad gateway, or a problem with AV/firewall as Allvirtual mentioned.    

0
 
farmsm77Author Commented:
There are no other VPNs on this machine.

I am using ESET Smart Security. All my clients use this same AV with no issues.

I tried shutting down the Windows IPSEC service. No change, the remote resources are not available.

Tried to ping the inside interface of the VPN server, no good. Tried connecting using RDP, no good.
0
 
farmsm77Author Commented:
As far as ESET is concerned, I shut it down and tried to connect; still no good.
0
 
RaithZCommented:
Are both clients using the same connection settings within the VPN client, such as allow local lan bypass etc?  If the Vista client exports his connection file and then its imported into the windows xp client, does it still have the same issue?  
0
 
AllvirtualCommented:
If you had Windows IPsec services running you need to Disable the service and reboot the computer. Then try.
Also maybe try a different client. Try downloading the NCP Secure Entry Client http://www.ncp-e.com. It's fully functional for 30 days plus they give full support for the trial. You must uninstall the Cisco client before! Save your .pcf connection profile because the NCP client will allow you to import that profile. The NCP client has much better debugging capabilities. Much more professional software then the Cisco stuff.
0
 
farmsm77Author Commented:
Disabling the IPSEC service did not seem to fix anything. However, I did notice that on the XP machine. the Log On credentials for the IPSEC service is different from the Vista machine. The XP machine uses the local account and the Vista machine logs on using the Network Service account. I tried changing this on the XP machine, but I do not have the password for this account and a blank password did not work.
0
 
farmsm77Author Commented:
AV was the problem as well as file and print sharing on the wireless connection (not just the VPN connection).
0

Featured Post

Who's Defending Your Organization from Threats?

Protecting against advanced threats requires an IT dream team – a well-oiled machine of people and solutions working together to defend your organization. Download our resource kit today to learn more about the tools you need to build you IT Dream Team!

  • 6
  • 3
  • 2
  • +1
Tackle projects and never again get stuck behind a technical roadblock.
Join Now