Solved

Cisco VPN secure vpn connection terminated locally by the client eason 412: the remote peer is no longer responding

Posted on 2013-01-04
6
1,706 Views
Last Modified: 2013-02-14
Hi guys,

I have looked around this topic:
"Cisco VPN secure vpn connection terminated locally by the client eason 412: the remote peer is no longer responding"

but so far I have not found a solution for my problem, this is my scenario:
I have several clients working with cisco vpn clients without problem, but I have one particular user that can't connect to my ASA, my VPN configuration was modified to have these service in port 80, as I said before, all users are working and only one is having problems, after check and troubleshoot, I have found that this user is not able to do a ping to my IP(all other can do ping), I check that he can go to any web site, so port 80 is open :) , but ping is not enabled.
My question: Cisco VPN client need to perform a ping to check if the peer is up when he is establishing the connection?

Thanks for your help guys
0
Comment
Question by:yassel
6 Comments
 
LVL 12

Expert Comment

by:ibrahim52
ID: 38744533
is it static IP or dynamic URL and If you can try un-installing network drivers through device manager and installing it back.
0
 

Author Comment

by:yassel
ID: 38744545
is an static IP, and I try in the same client with 4 machines :(, 2 new instalations of windows XP, 7, and a linux, all are the same OS that is working in my other clients, and as last resort, I went to the offices of my client, and I check with my laptop and I get the same result.
0
 
LVL 5

Assisted Solution

by:Leeeee
Leeeee earned 250 total points
ID: 38744688
If it's limited to one user in a specific location in which you tested and experienced the same issue, it may be an access restriction on the equipment at that site..as in an ACL on a firewall/router.
0
Enterprise Mobility and BYOD For Dummies

Like “For Dummies” books, you can read this in whatever order you choose and learn about mobility and BYOD; and how to put a competitive mobile infrastructure in place. Developed for SMBs and large enterprises alike, you will find helpful use cases, planning, and implementation.

 

Author Comment

by:yassel
ID: 38744714
Hi Leeeee,

well, so far the only restriction that I have found was the ping, the client does not have any ACL limiting port 80 outbound, remember that my VPN service is hosted in port 80, exactly to avoid any miss configuration or any ISP restriction.

If you use port 80 to make the connection, that is the only port used between the cisco client and my ASA?

And of course the Cisco VPN client is configured to use IPsec over TCP

PD: the ping restriction was imposed by the ISP
0
 

Accepted Solution

by:
Cybersree earned 250 total points
ID: 38744797
Can you do a debug while trying the VPN connection from the particular user.? This is just to understand that the user is able to hit your ASA, if so what is happening..

debug crypto isakmp

Hope that this link would help you to troubleshoot.. :  http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a00800949c5.shtml

If you donot see any hits then the issue in reachability.
0
 

Author Comment

by:yassel
ID: 38744981
I'm working in that point of view Cybersree, actually you are right, I have done a simple telnet test to port 80 and I don't get any connection attempt to my ASA, I have trying from another place and I get at least the IP coming to my ASA on port 80, so I need to check with the ISP of this user, WOW a simple connection on port 80 not working, something that not come to my mind at all.
0

Featured Post

PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Most computer users do not realize how important their passwords are. Here’s the straight scoop on why you need a good password and how to create super strong passwords that are easy to remember and hard to crack. Thieves Are Trying to Steal Yo…
Using in-flight Wi-Fi when you travel? Business travelers beware! In-flight Wi-Fi networks could rip the door right off your digital privacy portal. That’s no joke either, as it might also provide a convenient entrance for bad threat actors.
Although Jacob Bernoulli (1654-1705) has been credited as the creator of "Binomial Distribution Table", Gottfried Leibniz (1646-1716) did his dissertation on the subject in 1666; Leibniz you may recall is the co-inventor of "Calculus" and beat Isaac…
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …

808 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question