Re: VPN problems for some accounts...
OK... I wanted to follow up on this and share the resolution. The problem was in fact a problem with the firewall they were using at that location. I finally convinced them it was something on their network when I could connect using a laptop I had brought with me just fine using a Verizon wireless card, but on their network I had the exact same symptoms. We watched the firewall logs together and we noticed that shortly after connection (the longest time frame we observed was about 12 minutes), the Border server would send something to the client over port 4500, but the firewall was interpreting that as a traceroute and shut down the connection. Fortunately, they had another firewall at that location they could use (for a site to site VPN to their parent company), so we routed out through that one instead of their usual router to the outside world and that seemed to resolve the issue.
So, in summary, their Watchguard Firebox didn't like some of the packets Border was sending to the client so it clamped it down. I have no idea if they were on a current firmware or O/S revision for their firewall or not and I don't really want to try to start supporting it, but they were able to get in just fine in the end.
Didn't want to leave this issue hanging out there... thank you for all your assistance going through it Craig!
topher
|
Threaded Mode
