Cisco VPN client OK - Checkpoint VPN client not OK

Cisco VPN client OK - Checkpoint VPN client not OK

Post by Ned » Sat, 13 Oct 2007 22:02:21

Hi, I have my PIX set up allowing VPN clients in. A Cisco VPN client
(v4.0.3D) can get in OK but a Checkpoint client (R56 Build 311) can't.
The Checkpoint client never appears to hit the outside interface of
the PIX as no debug info appears when he tries to connect. I hardly
need to deinstall my Cisco client sw beofre firing up the Checkpoint -
do I? TIA, Ned

1. Cisco VPN Client and Microsoft VPN Client on One computer

2. dns update from dhcp server ok for windows clients, not ok for linux (dhclient) clients


The subjects says it all (almost):

we have a linux dhcp server (dhcp-3.0pl1-26) happily distributing ip
adresses, and updating our dns server (on a separate linux server, running
bind bind-9.2.1-1.7x.2).

on our windows desktops, we have no problems: they request an ip adress,
obtain it, and via the dhcp server the dns gets updated.

however, i needed to configure a network interface of a linux machine via
dhcp, and although the ip adress is acquired and the network interface is
brought up, somehow the dns does not get updated.

we only allow dns updates from the dhcp server, and i am surprised why there
would be a difference between a linux machine using dhclient to request an
ip adress, and a windows machine.

the /var/log/messages shows no errors from either dns or bind, but a clue
could be that the DHCPREQUEST doesn't seem to send the machine's hostname,
whereas the windows client do seem to send it.

look at these log entries:

this is a windows machine

Aug 6 14:22:22 frontend dhcpd: DHCPREQUEST for from
00:90:27:23:21:88 (atlantis) via eth0
Aug 6 14:22:22 frontend dhcpd: DHCPACK on to 00:90:27:23:21:88
(atlantis) via eth0

and this is from the linux machine

Aug 6 14:35:46 frontend dhcpd: DHCPREQUEST for (
from 00:0b:db:d5:5c:7e via eth0
Aug 6 14:35:46 frontend dhcpd: DHCPACK on to 00:0b:db:d5:5c:7e
via eth0

as you can see, the hostname of the linux machine is not displayed after the
mac adress, whereas the windows machine does show it.

Any ideas on how to solve this annoying problem ?



3. VPN to Windows 2003 - ping not OK server to remote clients but not

4. CISCO VPN client -> ISA 2000 -> CISCO VPN Concentrator

5. USB Keys and Cisco VPN Concentrator / Cisco VPN Client ?

6. ISA to Cisco VPN 3005 using Cisco VPN Client 4.0.3

7. Enable a Cisco IPSec VPN Client to Connect to a Cisco VPN Concentrator Through I

8. Cisco vpn client behind ISA not working > vpn concentrator

9. Shared files OK, PING OK, IP addresses OK - but no client web

10. VPN Ok for Win2K client but not XP

11. Shared files OK, PING OK, IP addresses OK - but no client web acce

12. vpn rule session out using checkpoint vpn client

13. VPN Server - AD users OK - NT Users not OK

14. Cisco 837 to Cisco 837 VPN, ping OK, NetBios / VNC DROPPING!