Cisco 3005 VPN issue

By demory
On my network I have a Cisco 3005 VPN concentrator with a public IP of 66.X.X.X and private IP of 172.X.X.X that works fine. I recently ordered a 2nd T1 from our ISP with the need to add a 2nd 3005 VPN. VPN2 sits on a public of 70.X.X.X and on the same private network. From the Internet, I can access either VPN and go through my 2003 ACS server for AAA and see the inside network of servers. A problem is occurring with several of my remote users in that they can no longer connect to VPN1 yet have full Internet capabilities, while other clients have no connection issues.

No one is currently using VPN2 due to network testing and setup... all user VPN clients point to VPN1. I found that if I power off VPN2, those clients who were unable to connect can now do so. There seems to be no clear reason -- all are XP SP2 and broadband... some via wireless while others are hardwired. I tried putting VPN2 on a different internal VLAN and thought I had some success but later found that it too was causing failures. No errors are showing on the ACS server as far as failed logins. When VPN2 is up, I see successful logins from test connections as well as normal logins from VPN1 traffic.

Any thoughts would be much appreciated.


Problem found

by demory, in reply to Cisco 3005 VPN issue

It appears that there were some routing issues on the internal network that were causing this problem. Trying to set up a remote site on a Cisco 871 to do a direct VPN tunnel into VPN2 and some related commands there messed up routing.

Still fighting the 871 config but that's another story.
