none
Cisco AnyConnect VPN Client And MFWC RRS feed

  • Question

  • I hope that someone in this forum can help me. I've posted in the SBS Forum but have received no replies, so I thought I'd give this one a shot.

    Our configuration is: ISA 2004 std on a SBS 2003 server. All workstations are XP Pro sp3 fully patched. All browsers are same version. Here is the problem that I’m having.

    Installed Cisco AnyConnect VPN Client on four different workstations. One works correctly, on the other three they cannot resolve DNS for the VPN servers. From all of them I can ping by IP Address and get responses with no dropped packets, but if I try to ping by server.domain.local no response. If I use a browser, either IE or Firefox, I cannot connect to their sites either by IP Address or FQDN. I believe that I’ve narrowed it down to the Firewall client on these computers. I was able to get one of them to connect a correctly a few times and noticed that not only did I get the “You are working offline” message the FWC would disable itself and all would work great. Now none of them will connect correctly. Since my workstation works fine I know AnyConnect makes the connection and on all of the others we can ping Destination Servers by IP Address, so routing, auth, etc. works.

    If I manually disable the FWC on the other workstations it doesn’t help at all, ISA has to do it to make it work.
    On my workstation I can RDP to a server on the others no way. I know that this has got to be something simple but it is eluding me. I’ve updated nic drivers, reset the winsock, tried deleting and reinstalling both the FWC and the Cisco VPN client on all of the workstations to no avail
    .
    Again please forgive me if this is an inappropriate post for this forum, but I'm stuck and I’m hoping someone else has had this problem and can point me to the solution.

    Thanks,
    Chuck

     

    Monday, March 19, 2012 6:30 PM

Answers

  •  

    Hi,

    Thank you for the post.

    Please make sure to set the Client as SecureNet , that is the Default Gateway for this client should be pointing to ISA Server Internal IP. For more information, please refer to this link: http://www.elmajdal.net/isaserver/How_To_Allow_Cisco_VPN_Client_To_Connect_Through_ISA_Server.aspx.

    Regards,

    I finally took the easy way out and just uninstalled the FWC on the problematic machines, not something I really wanted to do. The Cisco VPN Client now works correctly. I'll do more research and trouble shooting on another box later but had to get this up and running due to some deadlines.

    Thank you for your reply.

    Chuck
    • Marked as answer by Juke Tuesday, March 20, 2012 5:41 PM
    Tuesday, March 20, 2012 5:41 PM

All replies