[Vpn-help] Traffic to Cisco VPN 3000 goes only in one direction

Martin Emrich martin.emrich at living-e.com
Tue Sep 15 04:28:39 CDT 2009


Hello!

Matthew Grooms schrieb:
> -> : send ESP packet x.x.x.x -> y.y.y.y ( 112 bytes )
> <- : recv ESP packet y.y.y.y -> x.x.x.x ( 112 bytes )
>
> If you don't see the return packet, I would try to investigate why the 
> return packets don't reach your host. Sometime older NAT routers have 
> problems with NAT-T. You could try disabling this and give it another shot.
>   
Indeed, I do not see any incoming ESP traffic in the log. After a little 
investigation, I noticed that the original Cisco client does not work in 
this WLAN either. So I switched to another network, there the Cisco 
client works. But the Shrew Soft client does no longer connect (it fails 
with "session terminated by gateway"). The log on the Cisco 3005 is not 
very helpful. Attached is the client IPSec log. I imported the Cisco PCF 
file, so I assume it's a setting that is not contained in the PCF...

Thanks

Martin
-------------- next part --------------
An embedded and charset-unspecified text was scrubbed...
Name: ipseclog.txt
URL: <https://lists.shrew.net/pipermail/vpn-help/attachments/20090915/7ce49d7f/attachment-0002.txt>


More information about the vpn-help mailing list