Weird Network behavior - XP/Cisco VPN/Http

[billsb]

OK, I think I have what may be the strangest bug I've heard about....

I have an Acer laptop that's been working fairly well - attached to
the internet via 802.11 and a NAT box. The only problem I had been
having was getting the CISCO VPN client to stay connected - sooo...
last night I re-installed the VPN client plus Ethereal and pcap so i
could trace issues if it failed.

OK - here's the weird part... after running for a while I find I am
unable to connect with HTTP servers. Other TCP connections work
find. When I looked at the sniffer trace it appears the outgoing
connection requests have modified packets with the IP source of the
outgoing SYN matching the destination and the outgoing destination
address is something I've not seen before.

It only happens with HTTP and can be reproduced by doing a "telnet
<IP> 80"

The problem goes away if I connect using the VPN and stays gone for a
while if I disconnect from the VPN.

I removed all the software I installed and still have the problem so
I'm guessing that there must be some crumb of a filter that looks for
http traffic and messes with the packet.

As I said before, other non-http traffic is not modified and works
fine.

Any hints?

 

[Hans-Georg Michna]

OK, I think I have what may be the strangest bug I've heard about....

CISCO VPN client

Any hints?

Only thing I can say that I've seen many messages like this
where a Cisco VPN client is involved.

First thing you may have to do is uninstall the Cisco VPN client
entirely and retest. If the problem disappears entirely, which,
I think, is likely, then you have to ask Cisco.

Otherwise check http://winhlp.com/wxnet.htm .

Hans-Georg

 

[billsb]

Thanks. Yes, the problem started occuring when I installed the VPN
client but didn't disappear when I removed it

My current workaround is to fire-up the vpn client when the problem
occurs and it goes away and stays gone when I disconnect/exit the
client. It works for while - then eventually breaks.

The next step will be to try and re-install XP (or go with Vista which
I think comes free-inside the new laptop) but if possible I'd like to
fix the problem.

 

[smlunatick]

Thanks. Yes, the problem started occuring when I installed the VPN
client but didn't disappear when I removed it

My current workaround is to fire-up the vpn client when the problem
occurs and it goes away and stays gone when I disconnect/exit the
client. It works for while - then eventually breaks.

The next step will be to try and re-install XP (or go with Vista which
I think comes free-inside the new laptop) but if possible I'd like to
fix the problem.






- Show quoted text -

This is a problem with any type of VPN client software, including the
bundled Microsoft VPN client in XP. By default, whenever a VPN tunnel
is active, this will route "all" traffic over this VPN tunnel and then
use the "default gateway" from the VPN termination end-point. You
need to modify the configuration of any VPN client in order to for you
to be able to access any local network resources. Check in the CISCO
VPN Client Properties Transport "tab" and check on 'Allow Local Lan
Access."