[vpn-help] client connects from some locations, not others
Scott Smith
ssmith at telizon.biz
Thu Jan 24 07:52:48 CST 2013
Thanks for your reply Kevin, I'll try generating that debug data and follow
your suggestions. I've used Wireshark before so I'll refresh myself on that
& give it a shot!
Oddly, using the same laptop & connection profile from another location,
shrew & cisco both work beautifully.
Thanks,
Scott
-----Original Message-----
From: vpn-help-bounces at lists.shrew.net
[mailto:vpn-help-bounces at lists.shrew.net] On Behalf Of Kevin VPN
Sent: Wednesday, January 23, 2013 10:30 PM
To: vpn-help at lists.shrew.net
Subject: Re: [vpn-help] client connects from some locations, not others
On 01/09/2013 03:47 PM, Scott Smith wrote:
> Hi there, wondering if anyone has had any similar issue, where Shrew
> will connect to a PIX515E from only some locations but the cisco
> client works from all.
>
>
> From: vpn-help-bounces at lists.shrew.net
> [mailto:vpn-help-bounces at lists.shrew.net] On Behalf Of Scott Smith
> Sent: Thursday, December 20, 2012 9:12 PM
> To: vpn-help at lists.shrew.net
> Subject: [vpn-help] client connects from some locations, not my house!
>
>
> Using the same machine, installation & VPN connection profile I am
> able to connect to a CISCO PIX 515E from some locations (public
> library, remote office, co-workers house), but not from my own home
> and not from my bosses place.
>
> The machine I'm using is a Windows 7 64-bit running Shrew 2.2.0 (2.1.7
> had the exact same issue).
>
> My home internet connection is not stellar (It's rural wireless, up to
> 3Mbps
> down/768 kbps up) but works well enough for the Cisco VPN client to
> connect when running in XP mode. Could the connection speed be an
> issue for Shrew even though Cisco works?
>
> I've checked the connection MTU but didn't locate a problem there.
>
Hi Scott,
I don't have a solution for you, but I'm curious about the problem. I too
have some clients that just don't work, even though the configuration works
for other people in other places. I've never managed to reproduce it myself
and my clients never have the patience to debug it with me.
What's interesting about your situation is that the Cisco client works,
which tells us that IPsec does work from your location, so we should be able
to get the Shrew client working!
Anyway, a first step in diagnosing the problem would be to get some good
debug data. I don't know how to get debugging data out of the Cisco client,
but here's how to do it in Shrew:
http://www.shrew.net/support/VPN_Bug_Report_Windows
Do you know how to use Wireshark? I think it would be informative to get a
packet capture of a successful Cisco client session and a failed Shrew
client session to compare the packets. Just connect then disconnect to keep
the overall packet trace small.
_______________________________________________
vpn-help mailing list
vpn-help at lists.shrew.net
https://lists.shrew.net/mailman/listinfo/vpn-help
More information about the vpn-help
mailing list