Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

One VPN user cannot browse the Encrypted Network

Status
Not open for further replies.

hexOffender

Programmer
Nov 6, 2006
146
US
I have a Cisco ASA 5510 for VPN connectivity. At any given time there are 2-4 users connected, although there are over a hundred accounts set up. I have one new user who is external to the company who can connect to the VPN, but cannot ping anything or access anything. I have had his Admin check the IPSEC pass through on their firewall, the Windows Firewall, I have opened access-lists just for his IP, but nothing seems to fix this. He is using the same client and default policy as all the other users.
 
Is his local PC's IP address in the same range as the network's range. He needs to be in a different range.

Hope this helps.

Please help us help you. Read Tek-Tips posting polices before posting.
Canadian members check out Tek-Tips in Canada for socializing, networking, and anything non-technical.
 
No his ip is different..

C:\>ipconfig /all



Windows IP Configuration



Host Name . . . . . . . . . . . . : ZHP3000K

Primary Dns Suffix . . . . . . . : .com

Node Type . . . . . . . . . . . . : Hybrid

IP Routing Enabled. . . . . . . . : No

WINS Proxy Enabled. . . . . . . . : No

DNS Suffix Search List. . . . . . : .org





Ethernet adapter Local Area Connection:



Connection-specific DNS Suffix . : .local

Description . . . . . . . . . . . : Realtek PCIe GBE Family Controller

Physical Address. . . . . . . . . : 40-61-86-90-D7-4B

Dhcp Enabled. . . . . . . . . . . : Yes

Autoconfiguration Enabled . . . . : Yes

IP Address. . . . . . . . . . . . : 200.200.200.86

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . :

DHCP Server . . . . . . . . . . . : 200.200.200.9

DNS Servers . . . . . . . . . . . : 200.200.200.9

200.200.200.5

Primary WINS Server . . . . . . . : 200.200.200.9

Lease Obtained. . . . . . . . . . : Tuesday, August 10, 2010 10:03:36 AM



Lease Expires . . . . . . . . . . : Tuesday, August 24, 2010 10:03:36 AM





Ethernet adapter Local Area Connection 2:



Connection-specific DNS Suffix . : .org

Description . . . . . . . . . . . : Cisco Systems VPN Adapter

Physical Address. . . . . . . . . : 00-05-9A-3C-78-00

Dhcp Enabled. . . . . . . . . . . : No

IP Address. . . . . . . . . . . . : 192.168.1.6

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 192.168.1.1

DNS Servers . . . . . . . . . . . : 128.1.5.1

128.1.0.200

 
do you have nat-traversal enabled??

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Can you check if the policy being downloaded (split-tunnel or Full tunnel) on to his PC when connected. Righ click on the vpn client on laptop (once connected) and you can find this from statistics or some other option (Do not have client in front of me at this time ;-).

hth
MS
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top