Chapter22.Remote Access VPN Troubleshooting Scenarios


Chapter 22. Remote Access VPN Troubleshooting Scenarios

This chapter provides real-world scenarios faced by Cisco's internal remote access (RA) group in supporting their Virtual Private Network (VPN) infrastructure. Each scenario is followed by several possible problems or cases, and each case includes one or more solutions. The chosen cases were derived from over 4000 cases solved by the group. Cisco proudly declares that they implement all their own products in their own network. The solutions provided might not be the only ones for that particular problem; however, they are thoroughly tested and are proven to be the most successful.

The scenarios are based on the Cisco VPN 3000 client version 3.0 (also called the Unity client) for Microsoft Windows. Versions of the VPN client 3.5- suport only Windows operating systems. Versions 3.5+ support operating systems other than Windows, including MAC OSX and Solaris 2.6. Also, the VPN client for Linux supports Red Hat version 6.2 Linux (Intel), or compatible libraries with glibc Version 2.1.1-6 or later, using kernel versions 2.2.12 or later. This chapter primarily focuses on the following common troubleshooting scenarios:

  • Initial preparation for RA VPN troubleshooting

  • Authentication problems and their resolution

  • Trouble passing data after successful authentication

  • RA VPN and xDSL issues and their troubleshooting

  • RA hardware VPN client 3002 issues and their troubleshooting

  • Extranet VPN issues and their troubleshooting

These scenarios assist VPN users and VPN network administrators to solve current issues. In some of the following scenarios, the perspective from the user and the core environment are documented to show the troubleshooting steps that a network administrator and a user should take to solve a particular problem. Table 22-1 is a quick reference to help you get started.

Table 22-1. Scenario Quick Reference Table

Scenario

Case Details

Location in Chapter

Authentication issues (involving an Internet Service Provider [ISP])

Bad group name or password

See Scenario 1, Case 1

 

Prompted multiple times for username and password

See Scenario 1, Case 2

 

Firewall software

See Scenario 1, Case 3

 

MTU set high

See Scenario 1, Case 4

 

MTU set low

See Scenario 1, Case 5

Problems passing data

Cannot pass datause Network Address Translation (NAT) connection entry

See Scenario 2, Case 1

 

Maximum transmission unit (MTU) causing packet loss

See Scenario 2, Case 2

 

Connection keeps getting dropped

See Scenario 2, Case 3

 

Cannot browse the internal domain

See Scenario 2, Case 4

PPPoE Software/Hardware

Point-to-Point Protocol over Ethernet (PPPoE) software issues

See Scenario 3, Case 1

 

IOS-based PPPoE issues

See Scenario 3, Case 2

3002 Connection issues

Cannot connect to the concentrator

See Scenario 4

Extranet problems

Problems connecting through company X's firewall

See Scenario 5





Troubleshooting Remote Access Networks CCIE Professional Development
Troubleshooting Remote Access Networks (CCIE Professional Development)
ISBN: 1587050765
EAN: 2147483647
Year: 2002
Pages: 235

flylib.com © 2008-2017.
If you may any questions please contact us: flylib@qtcs.net