Security

Reply
Contributor I

Guest Access VPN issue

Great! Thanks! Sorry for the late reply...

 

How about this one...

 

I had a guest user call me. We have the controllers acting as the DHCP server for the guest network, and traffic is NAT'd out. This user called because he could not connect to his company's VPN concentrater...was getting a 412 error on a Cisco client. I thought perhaps the firewall was the issue, so I temporarily added a rule at the top to basically: user  any  src-nat <pool>, but he still couldn't connect.

 

How can I verify that NAT'ing is working properly for VPN? All other traffic (web, SMTP, etc) works well with this NAT setup...

Guru Elite

Re: Guest Access VPN issue


jp.briggs wrote:

Great! Thanks! Sorry for the late reply...

 

How about this one...

 

I had a guest user call me. We have the controllers acting as the DHCP server for the guest network, and traffic is NAT'd out. This user called because he could not connect to his company's VPN concentrater...was getting a 412 error on a Cisco client. I thought perhaps the firewall was the issue, so I temporarily added a rule at the top to basically: user  any  src-nat <pool>, but he still couldn't connect.

 

How can I verify that NAT'ing is working properly for VPN? All other traffic (web, SMTP, etc) works well with this NAT setup...


If all other traffic is working, then NAT is working; you do not have to add that statement.  The Cisco VPN client routinely uses port 10000 to connect.  Make sure that port is being allowed in your guest ACLs.

 

As a tip, many people just try to allow DNS, block internal traffic, then allow all to deal with troublesome issues like VPN clients that use special ports.

 



Colin Joseph
Aruba Customer Engineering

Looking for an Answer? Search the Community Knowledge Base Here: Community Knowledge Base

Occasional Contributor II

Re: Guest Access VPN issue

Did you get resolution for Guest access VPN issue?

I am having same issue with the guest user.

My controller running on IOS 5.0.3.3

Guest users are not able to connect outside VPN.

Any help will be appreciated..

Regards,

Jiggy

Search Airheads
cancel
Showing results for 
Search instead for 
Did you mean: