Solved

CISCO VPN Question - How do you tell why it did not connect?

Posted on 2013-05-20
5
531 Views
Last Modified: 2013-06-06
Hi,
I am at Starbucks trying to VPN into a client VPN but it just starts to connect then nothing, except says at bottom "Not Connected"

The Log shows:

Cisco Systems VPN Client Version 4.8.00.0440
Copyright (C) 1998-2005 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 5.1.2600 Service Pack 3
Config file directory: C:\Program Files\Cisco Systems\VPN Client

1      16:25:51.180  05/20/13  Sev=Warning/3      GUI/0xA3B0000B
Reloaded the Certificates in all Certificate Stores successfully.

I wanted to know what I should not count on while travelling.
0
Comment
Question by:bcarlis
  • 3
  • 2
5 Comments
 
LVL 20

Expert Comment

by:rauenpc
ID: 39182728
If you can ping the IP/URL of your vpn server (ASA, PIX, etc.) or at least get out to websites but you get no response from the vpn client, there are usually two reasons. There is a major configuration issue and you could get the network admin on the phone, or the guest network you are on blocks vpn connections (and there are a lot of free wifi places that do in fact block vpn connections). If you are being blocked, you would need to talk the network admin into enabling Anyconnect which run over SSL the same as secure websites. This may be more difficult to accomplish as it usually comes with a licensing cost.

To figure out if you're being blocked, you would need to get your network admin on the phone to see if he/she can see the connection attempt coming in or not. If they can't see the attempt, you are likely being blocked.
0
 
LVL 2

Author Comment

by:bcarlis
ID: 39182777
Thank you... I didn't try pinging which I should have :-)
But - it does see the server, gets replies back but not VPN connect.

I did clear the log and try again and it doesn't even give that warning.. that must have been an old warning. :-)

So I would need a usb network card supplied by my work to get around blocking VPN.. yes?
0
 
LVL 2

Author Comment

by:bcarlis
ID: 39182784
So there is a setting on the wireless that is set to block or allow VPN?
So even at home if it is not set to allow VPN I'm out of luck?
0
 
LVL 20

Accepted Solution

by:
rauenpc earned 400 total points
ID: 39183147
When I said that the vpn would be blocked, I mean the company providing the wireless is blocking VPN traffic. So it would be Starbucks, or Panera, or La Quinta Inn, or whomever that has equipment in place to block your VPN connection. I would doubt that a setting on your computer is specifically blocking VPN traffic.
The SSL VPN I mentioned is VPN all the same except that it encrypts in the same way that a banking website would encrypt traffic so places that block VPN traffic have no way to detect that you're using an SSL VPN because it doesn't appear any different than regular (secure) web traffic.

At home I wouldn't suspect anything to block you from connecting to VPN except configuration issues. Things like not actually being online, not having the correct VPN profile, invalid credentials, etc. There's always the chance that this is a firewall issue at your place of business which would be most likely affecting many users. This may be a job for your network admin again whether firewall or PC related.
0
 
LVL 2

Author Closing Comment

by:bcarlis
ID: 39227717
Ok, yes I can access using my Hot Spot on my Verizon phone...
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

I had an issue with InstallShield not being able to use Computer Browser service on Windows Server 2012. Here is the solution I found.
For months I had no idea how to 'discover' the IP address of the other end of a link (without asking someone who knows), and it drove me batty. Think about it. You can't use Cisco Discovery Protocol (CDP) because it's not implemented on the ASAs.…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

773 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question