Board index Windows2000

RRAS VPN to Cisco vs. Microsoft

RRAS VPN to Cisco vs. Microsoft

Post by Jonathan Mal » Wed, 14 May 2003 02:46:01



I have a home network connected to work through RRAS, using a VPN
interface and routing rules.  The current VPN interface connects to an
MS PPTP VPN Server at work.  We are in the process of adding in a
CISCO VPN Concentrator for additional load.  In my first tests to
connect to the concentrator, RRAS appears to connect, but no traffic
moves over the link.  Eventually, after a few minutes, the link goes
down.  There is no log information.

When using the Microsoft VPN client to connect directly (not using
RRAS or the Cisco VPN client), I can get things to work.  RRAS
apparently is doing something differently.

To recap, RRAS VPN to MS VPN Server works fine.  When I change the
properties of the VPN interface to point to the Cisco Concentrator,
RRAS appears to connect but I cannot ping any resources on the remote
LAN.  Finally, I can connect directly to the Cisco concentrator using
the MS VPN client (i.e. without RRAS).

Any recommendations?

 
 
 
Top

RRAS VPN to Cisco vs. Microsoft

Post by Robert » Wed, 14 May 2003 07:35:06


quoted from http://www25.brinkster.com/ChicagoTech
How to add DNS and WINS into your (Cisco) VPN server

If your VPN client cannot find servers or cannot ping computernmae, you need
to add DNS and WINS into your VPN server. For example, to add DNS and WINS
on a Cisco Firewall PIX, add vpdn group 1 client configuation dns
dnsservername and vpdn group 1 client configuration wins winsservername..

For more information, go to  http://www25.brinkster.com/ChicagoTech

Don't send e-mail or reply to me except you need consulting services.
Posting on MS newsgroup will benefit all readers and you may get more help.

Robert Lin, MS-MVP, MCSE & CNE
Windows & Network Support, Tips and FAQs on
http://www25.brinkster.com/ChicagoTech
This posting is provided "AS IS" with no warranties.


Quote:> I have a home network connected to work through RRAS, using a VPN
> interface and routing rules.  The current VPN interface connects to an
> MS PPTP VPN Server at work.  We are in the process of adding in a
> CISCO VPN Concentrator for additional load.  In my first tests to
> connect to the concentrator, RRAS appears to connect, but no traffic
> moves over the link.  Eventually, after a few minutes, the link goes
> down.  There is no log information.

> When using the Microsoft VPN client to connect directly (not using
> RRAS or the Cisco VPN client), I can get things to work.  RRAS
> apparently is doing something differently.

> To recap, RRAS VPN to MS VPN Server works fine.  When I change the
> properties of the VPN interface to point to the Cisco Concentrator,
> RRAS appears to connect but I cannot ping any resources on the remote
> LAN.  Finally, I can connect directly to the Cisco concentrator using
> the MS VPN client (i.e. without RRAS).

> Any recommendations?


 
 
 
Top

RRAS VPN to Cisco vs. Microsoft

Post by Jonathan Mal » Wed, 14 May 2003 11:51:07


Thank you for your time.  I suspect that this is a deeper problem,
since within a minute or two, the interface appears as disconnected in
the RRAS admin UI.  In other words, it is connecting, staying
connected for a few moments (or not really connecting at all), and
then showing as disconnected.

Furthermore, I am running my own WINS internally, and replicating with
the WINS server at work on a nightly basis.  But I see no traffic
across that link (and all my routing rules are correct, I know this
because simply changing the VPN server produces success).

So there is something odd about trying to connect RRAS through VPN to
Cisco, vs. to Microsoft.  Furthermore, it is something explicitly odd
about RRAS VPN, vs. using the regular VPN client (the one in
Network->Connections), because I can connect to the Cisco VPN
concentrator that way.

Any other ideas?


> quoted from http://www25.brinkster.com/ChicagoTech
> How to add DNS and WINS into your (Cisco) VPN server

> If your VPN client cannot find servers or cannot ping computernmae, you need
> to add DNS and WINS into your VPN server. For example, to add DNS and WINS
> on a Cisco Firewall PIX, add vpdn group 1 client configuation dns
> dnsservername and vpdn group 1 client configuration wins winsservername..

> For more information, go to  http://www25.brinkster.com/ChicagoTech

> Don't send e-mail or reply to me except you need consulting services.
> Posting on MS newsgroup will benefit all readers and you may get more help.

> Robert Lin, MS-MVP, MCSE & CNE
> Windows & Network Support, Tips and FAQs on
> http://www25.brinkster.com/ChicagoTech
> This posting is provided "AS IS" with no warranties.



> > I have a home network connected to work through RRAS, using a VPN
> > interface and routing rules.  The current VPN interface connects to an
> > MS PPTP VPN Server at work.  We are in the process of adding in a
> > CISCO VPN Concentrator for additional load.  In my first tests to
> > connect to the concentrator, RRAS appears to connect, but no traffic
> > moves over the link.  Eventually, after a few minutes, the link goes
> > down.  There is no log information.

> > When using the Microsoft VPN client to connect directly (not using
> > RRAS or the Cisco VPN client), I can get things to work.  RRAS
> > apparently is doing something differently.

> > To recap, RRAS VPN to MS VPN Server works fine.  When I change the
> > properties of the VPN interface to point to the Cisco Concentrator,
> > RRAS appears to connect but I cannot ping any resources on the remote
> > LAN.  Finally, I can connect directly to the Cisco concentrator using
> > the MS VPN client (i.e. without RRAS).

> > Any recommendations?

 
 
 
Top

1. Win2k VPN vs Hardware VPN (Cisco) - The Best VPN Solution

Ok guys here is the scoop:

I have been asked to gather some VPN information (as much as
possible)for a campus wide (university) solution. We have about 5000
users and out of those maybe the most would be 1500 at peak for remote
access.

* We are currently upgrading to a Win2k environment with Native mode
in mind. We have a few Mac users too. We also have or moving too Cisco
4000 series switches for the diff. buildings we have. === Thats about
all the info I have.

** For the past year we had been looking at the Shiva LAN rover but
the infrastructure guys have not been succesful in making it work for
us. When using the logging in remotely you can't access certain file
servers. So we want another solution to look at other than Shiva.

*** I am pretty much efficient with Microsoft and like their VPN
solution. Its very compatible with standard VPN protocols and with
Cisco too. Maybe some dedicated VPN servers would be a good solution
for us. Good with authentication and everything. I lean more towards
this now where I stand.

** But would you recommend like the Cisco Concentrator 3000 series???
or any  other Hardware solution why? Why not? I hear Nortel is good
too!!

********************* WHAT IS YOUR ENTERPRISE SOLUTION?**************

so whats your opinion/recommendation?? ArE you InTo InFrAsTrUcTuRe???
let me know please.

Basically we wanted for remote access security and may be in the
future be able to provide DSL service.

2. Newbie needs help with Meridian1 voice mail admin

3. Microsoft CA vs. Cisco SCEP protocol

4. AxCrypt - Open Source AES File Encryption for Windows 95/98/ME/NT/2K/XP

5. Microsoft VPN Security questions vs SonicWall VPN??

6. Distinguishing keyboard-taps from macros?

7. Win2K VPN RRAS and Cisco Router

8. IIGS Motherboard

9. Cisco VPN client via WIN2000 RRAS/NAT

10. Cisco VPN Client with Windows 2000 RRAS

11. Microsoft VPN Client and Cisco Concentrator

12. VPN, Microsoft 2000 and Cisco

13. Windows 2000 Servers browsing with CISCO 3000 series concentrator and Cisco VPN client


All times are UTC
Board index