Solved

Cisco VPN secure vpn connection terminated locally by the client eason 412: the remote peer is no longer responding

Posted on 2013-01-04
6
1,695 Views
Last Modified: 2013-02-14
Hi guys,

I have looked around this topic:
"Cisco VPN secure vpn connection terminated locally by the client eason 412: the remote peer is no longer responding"

but so far I have not found a solution for my problem, this is my scenario:
I have several clients working with cisco vpn clients without problem, but I have one particular user that can't connect to my ASA, my VPN configuration was modified to have these service in port 80, as I said before, all users are working and only one is having problems, after check and troubleshoot, I have found that this user is not able to do a ping to my IP(all other can do ping), I check that he can go to any web site, so port 80 is open :) , but ping is not enabled.
My question: Cisco VPN client need to perform a ping to check if the peer is up when he is establishing the connection?

Thanks for your help guys
0
Comment
Question by:yassel
6 Comments
 
LVL 12

Expert Comment

by:ibrahim52
ID: 38744533
is it static IP or dynamic URL and If you can try un-installing network drivers through device manager and installing it back.
0
 

Author Comment

by:yassel
ID: 38744545
is an static IP, and I try in the same client with 4 machines :(, 2 new instalations of windows XP, 7, and a linux, all are the same OS that is working in my other clients, and as last resort, I went to the offices of my client, and I check with my laptop and I get the same result.
0
 
LVL 5

Assisted Solution

by:Leeeee
Leeeee earned 250 total points
ID: 38744688
If it's limited to one user in a specific location in which you tested and experienced the same issue, it may be an access restriction on the equipment at that site..as in an ACL on a firewall/router.
0
Maximize Your Threat Intelligence Reporting

Reporting is one of the most important and least talked about aspects of a world-class threat intelligence program. Here’s how to do it right.

 

Author Comment

by:yassel
ID: 38744714
Hi Leeeee,

well, so far the only restriction that I have found was the ping, the client does not have any ACL limiting port 80 outbound, remember that my VPN service is hosted in port 80, exactly to avoid any miss configuration or any ISP restriction.

If you use port 80 to make the connection, that is the only port used between the cisco client and my ASA?

And of course the Cisco VPN client is configured to use IPsec over TCP

PD: the ping restriction was imposed by the ISP
0
 

Accepted Solution

by:
Cybersree earned 250 total points
ID: 38744797
Can you do a debug while trying the VPN connection from the particular user.? This is just to understand that the user is able to hit your ASA, if so what is happening..

debug crypto isakmp

Hope that this link would help you to troubleshoot.. :  http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a00800949c5.shtml

If you donot see any hits then the issue in reachability.
0
 

Author Comment

by:yassel
ID: 38744981
I'm working in that point of view Cybersree, actually you are right, I have done a simple telnet test to port 80 and I don't get any connection attempt to my ASA, I have trying from another place and I get at least the IP coming to my ASA on port 80, so I need to check with the ISP of this user, WOW a simple connection on port 80 not working, something that not come to my mind at all.
0

Featured Post

Better Security Awareness With Threat Intelligence

See how one of the leading financial services organizations uses Recorded Future as part of a holistic threat intelligence program to promote security awareness and proactively and efficiently identify threats.

Join & Write a Comment

It’s 2016. Password authentication should be dead — or at least close to dying. But, unfortunately, it has not traversed Quagga stage yet. Using password authentication is like laundering hotel guest linens with a washboard — it’s Passé.
Getting hacked is no longer a matter or "if you get hacked" — the 2016 cyber threat landscape is now titled "when you get hacked." When it happens — will you be proactive, or reactive?
Polish reports in Access so they look terrific. Take yourself to another level. Equations, Back Color, Alternate Back Color. Write easy VBA Code. Tighten space to use less pages. Launch report from a menu, considering criteria only when it is filled…
You have products, that come in variants and want to set different prices for them? Watch this micro tutorial that describes how to configure prices for Magento super attributes. Assigning simple products to configurable: We assigned simple products…

747 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now