VPN Client and different dialup ISP's

[Silene]

I'm using Cisco VPN client 1.1 for secure dialup connectiopns into the PIX 3000 box.
With some dialup ISP's e.g. BTInternet, Netscape OnLine, it
all works fine and authenticates properly to allow access
behind the firewall. However others such as Freeserve cause
a strange error. The client IPSeclog file reads like this :

New dial interface IP Addr = 217.135.45.245
No interfaces detected
Cannot establish connection on the specified network interface
Failed to initiate negotiation

Does anyone have any clue why some work and others don't, and is there anything that can be done about it as our
field salesmen have a host of different ISP's and I'd prefer
not to have to change/test them all.

Thanks

Silene

 

[Bluecrack]

Unfortunately some ISPs still block VPN protocols (GRE, AH, ESP). That will definitely cause a problem. We ran into the same problem about 6 months ago and were able to convince the smaller ISP to allow those protocols through.

To test more, turn on debugging on the PIX and check the debug you get for a failing connection with the debug you get for a successful connection. See where they fail.

Bluecrack