Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Shaun E on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

ISA Server & Cisco VPN Client

Status
Not open for further replies.
QCumber

QCumber

Technical User
Apr 23, 2003
45
GB
Hi there,

I use Cisco VPN client 4 to connect to my PIX firewall at the office. I will be working at a remote site for the next few weeks and discovered yesterday that my Cisco VPN client can't get out through their ISA server.

What do I need to add or change in the ISA config to allow the VPN client to connect to the PIX? The ISA server is acting as a firewall / proxy only with no VPN services.

TIA,

S.
 
Sort by date Sort by votes
Forgot to add that I've configured access for ports 500 and 4500 as per Microsoft Knowledge Base Article - 812076 but I still can't get a connection.

S.
 
Upvote 0 Downvote
Hello, you've answered your own question, the Microsoft article is exactly what you have to do if that doesn't work than it is either an ISA problem or a client problem. I've seen client issues with VPN client so update to the very latest, with default settings for connecting. An ISA services might need to be restarted if the box is hokey but I've used ISA for a while, ran into this, applied the Microsoft solution by creating the defs and then creating the protocol rule, and it worked within a minute of applying those changes.
 
Upvote 0 Downvote
Did you ever get the Cisco Client to get through the ISA server? I have the same problem and not getting anywhere as of yet.

Thanks
 
Upvote 0 Downvote
I had the same problem. Here is how i got it working

Create two new Protocol definitions on the Server for Upd access
- Udp Port 500 for Send and Receive
- Udp Port 10,000 for Send and Receive
Create a new Protocol Rule to allow These protocol to be used and apply it.(Make sure it is set to Send/Receive, the default is recieve/send)

Client Computer Setup – Done on each computer using the service
Set the default gateway of the computer to the ISA servers Ip address. This puts the computer in Secure Nat Mode
- Install the Cisco Vpn Client
- Run the “Vpn Dialer” click on options and then properties, put a check in “Enable Transparent Tunneling” and also click on “allow IPsec Over UDP(Nat/Pat)”
- Click Ok and then Connect

This should do the job for you.

Nick


 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

intel233
  • Locked
  • Question
Cisco ASA - VPN Question
Replies
6
Views
883
intel233
intel233
WhosYourDiffie
  • Locked
  • Question
Cisco ASA 5506 VPN for Avaya Phones
Replies
0
Views
312
WhosYourDiffie
WhosYourDiffie
MottoK
  • Locked
  • Question
Cisco ISE blank GUI
Replies
0
Views
647
MottoK
MottoK
intel233
  • Locked
  • Question
Cisco ASA 5510 -Static NAT Help
Replies
8
Views
1K
intel233
intel233
AllenH12
  • Locked
  • Question
Bandwidth in Cisco ASA 5505
Replies
2
Views
500
AllenH12
AllenH12

Part and Inventory Search

Sponsor

Back
Top