Edrick | I aspire to tell the story of a lifetime | Premium | join:2004-09-11 | Woburn, MA
Cisco SA520 VPN
I'm trying to set up a Client to VPN on a Cisco SA520. I went through the Wizard and it set up the IPSec VPN. However, the remote system still says the VPN isn't responding.
In VPN Wizard I did VPN Type: Remote Access
Enabled Cisco VPN Client
Named the Connection
Entered a pre-shared key
Local WAN Interface is set to Dedicated WAN
Remote Gateway Type FQDN
Local Gateway Type is set to the IP of the static public IP.
Remote LAN IP fields are empty; it doesn't allow me to enter anything there.
The layout of the network is a Comcast Business connection, with their SMC Router. Their SMC Router isn't set to give out IPs and the firewall is disabled with DMZ set to the Cisco Router. So that's basically acting as a bridge. Then I have the SA520 connected to that. It does seem port forwarding is working from the SA520, as I have other ports open.
So I'm trying to figure out what's missing that I can't get the client VPN to connect.
-- Edrick Smith, Independent Film & Broadcast Producer, edricksmith.com
 | 1) post the config or webgui if possible.
2) any logs / debugs to help troubleshoot with?
3) done any basic layer 3 / 4 connectivity troubleshooting? Pings, telnets on the port(s), etc?
Regards |
Edrick | reply to Edrick
The VPN Wizard screen is just a sample of what I put in before. Am I correct that I wouldn't need to set up firewall rules for this VPN since the VPN is on the unit itself?
If we're able to determine if any of those settings are incorrect I can see about getting some logs. I know for example I am able from the outside world to access ports that have been forwarded. |
 | reply to Edrick
Don't see anything glaringly obvious, but without access to the other end it's hard to say.
You obviously want to keep an eye on your VPN phase 1 and 2 configurations and ensure they match on the other end -- encryption / hash algorithm, preshared key, etc. I'd also make sure any relevant firewall rules are present as well, to be sure.
Regards |
Edrick |
The remote end is either an OS X Client or iPhone Client. The problem I'm getting, or at least the error, is it says it couldn't connect, so it's not giving me an error of unable to authenticate or anything. Just that the VPN server didn't respond.
The SA520 handles the firewall, so would I just set the ports to forward directly to the SA520 in its firewall settings? |
 | reply to Edrick
Hmm... hope the SA5xx has some sort of logging facility to watch when someone's trying to connect. I'd definitely try permitting the ports in the firewall rules and working from there.
Regards |