Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1732
  • Last Modified:

Cisco VPN secure vpn connection terminated locally by the client eason 412: the remote peer is no longer responding

Hi guys,

I have looked around this topic:
"Cisco VPN secure vpn connection terminated locally by the client eason 412: the remote peer is no longer responding"

but so far I have not found a solution for my problem, this is my scenario:
I have several clients working with cisco vpn clients without problem, but I have one particular user that can't connect to my ASA, my VPN configuration was modified to have these service in port 80, as I said before, all users are working and only one is having problems, after check and troubleshoot, I have found that this user is not able to do a ping to my IP(all other can do ping), I check that he can go to any web site, so port 80 is open :) , but ping is not enabled.
My question: Cisco VPN client need to perform a ping to check if the peer is up when he is establishing the connection?

Thanks for your help guys
0
yassel
Asked:
yassel
2 Solutions
 
ibrahim52Commented:
is it static IP or dynamic URL and If you can try un-installing network drivers through device manager and installing it back.
0
 
yasselAuthor Commented:
is an static IP, and I try in the same client with 4 machines :(, 2 new instalations of windows XP, 7, and a linux, all are the same OS that is working in my other clients, and as last resort, I went to the offices of my client, and I check with my laptop and I get the same result.
0
 
LeeeeeCommented:
If it's limited to one user in a specific location in which you tested and experienced the same issue, it may be an access restriction on the equipment at that site..as in an ACL on a firewall/router.
0
NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

 
yasselAuthor Commented:
Hi Leeeee,

well, so far the only restriction that I have found was the ping, the client does not have any ACL limiting port 80 outbound, remember that my VPN service is hosted in port 80, exactly to avoid any miss configuration or any ISP restriction.

If you use port 80 to make the connection, that is the only port used between the cisco client and my ASA?

And of course the Cisco VPN client is configured to use IPsec over TCP

PD: the ping restriction was imposed by the ISP
0
 
CybersreeCommented:
Can you do a debug while trying the VPN connection from the particular user.? This is just to understand that the user is able to hit your ASA, if so what is happening..

debug crypto isakmp

Hope that this link would help you to troubleshoot.. :  http://www.cisco.com/en/US/tech/tk583/tk372/technologies_tech_note09186a00800949c5.shtml

If you donot see any hits then the issue in reachability.
0
 
yasselAuthor Commented:
I'm working in that point of view Cybersree, actually you are right, I have done a simple telnet test to port 80 and I don't get any connection attempt to my ASA, I have trying from another place and I get at least the IP coming to my ASA on port 80, so I need to check with the ISP of this user, WOW a simple connection on port 80 not working, something that not come to my mind at all.
0

Featured Post

Prepare for an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program curriculum features two internationally recognized certifications from the EC-Council at no additional time or cost.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now