Windows 10, Cisco VPN and Forti SSL VPN
When I connect both to Fortinet SSL VPN and to Cisco VPN at the same time, I cannot use network provided by Forticlient (i.e. my PC cant see remote hosts, ping timeouts). Cisco VPN network works fine though. When I disconnect Cisco VPN, I can ping network resources again, can connect via RDP ans so on. Reproducing in 100% cases, very easy to catch (but not to find underlying issue with skills I have).
Microsoft Windows 10 Pro x64
Forticlient 5.4.0.0780
Cisco Systems VPN Client 5.0.07.0440
My setup is mostly identical to what I had in previous Windows versions.
But there is one important difference related to CiscoVPN. It doesn't work in 10 out of the box so I followed this guide: http://www.gleescape.com/posts/2917.
- Installed Sonic VPN (it added DNE filter to all network adapters).
- Changed registry key "HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesCVirtA" as
described (removed '@oem8.inf,%CVirtA_Desc%;' from beginning).
Same result with disabled Firewall and HIPS (provided by Comodo). Windows Firewall is always disabled.
I tried to make routing table same as without Cisco VPN (it adds routes when connected) bu it didn't help.
This problem is relevant only for Windows 10 (before and after Threshold 2). I had no problems with Windows 7 and Windows 8.1. Also I had to reinstall Windows 10 once but problem reoccurred after clean install (i.e. it didn't ever work on Windows 10 for me).
I browsed sqlite db "C:Program Files (x86)FortinetFortiClientlogsfclog.dat". There are no entries for the time when I reproduce issue.
There are no relevant windows events (I checked system and applications log).
The only event related to network:
<System>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<Provider Name="BROWSER" />
<EventID Qualifiers="16384">8033</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2016-01-24T08:57:04.695616600Z" />
<EventRecordID>36757</EventRecordID>
<Channel>System</Channel>
<Computer>GROBIK2015</Computer>
<Security />
</System>
<EventData>
<Data>DeviceNetBT_Tcpip_{64DBF048-CBFA-4B32-8851-B7CE04C06F91}</Data>
</EventData>
</Event>
I also tried to check network packets with WireShark but this is beyond my knowledge.
I don't know what else to check so I will appreciate any suggestions where to dig. I am not an expert with network technologies and VPN in particular but can understand instructions and use required tools.
Thanks in advance.
P.S. sorry if my English not correct sometimes.
vpn windows-10
asked Jan 24 '16 at 11:12
alxK
613
migrated from serverfault.com Jan 24 '16 at 12:11
This question came from our site for system and network administrators.
add a comment |
When I connect both to Fortinet SSL VPN and to Cisco VPN at the same time, I cannot use network provided by Forticlient (i.e. my PC cant see remote hosts, ping timeouts). Cisco VPN network works fine though. When I disconnect Cisco VPN, I can ping network resources again, can connect via RDP ans so on. Reproducing in 100% cases, very easy to catch (but not to find underlying issue with skills I have).
Microsoft Windows 10 Pro x64
Forticlient 5.4.0.0780
Cisco Systems VPN Client 5.0.07.0440
My setup is mostly identical to what I had in previous Windows versions.
But there is one important difference related to CiscoVPN. It doesn't work in 10 out of the box so I followed this guide: http://www.gleescape.com/posts/2917.
- Installed Sonic VPN (it added DNE filter to all network adapters).
- Changed registry key "HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesCVirtA" as
described (removed '@oem8.inf,%CVirtA_Desc%;' from beginning).
Same result with disabled Firewall and HIPS (provided by Comodo). Windows Firewall is always disabled.
I tried to make routing table same as without Cisco VPN (it adds routes when connected) bu it didn't help.
This problem is relevant only for Windows 10 (before and after Threshold 2). I had no problems with Windows 7 and Windows 8.1. Also I had to reinstall Windows 10 once but problem reoccurred after clean install (i.e. it didn't ever work on Windows 10 for me).
I browsed sqlite db "C:Program Files (x86)FortinetFortiClientlogsfclog.dat". There are no entries for the time when I reproduce issue.
There are no relevant windows events (I checked system and applications log).
The only event related to network:
<System>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<Provider Name="BROWSER" />
<EventID Qualifiers="16384">8033</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2016-01-24T08:57:04.695616600Z" />
<EventRecordID>36757</EventRecordID>
<Channel>System</Channel>
<Computer>GROBIK2015</Computer>
<Security />
</System>
<EventData>
<Data>DeviceNetBT_Tcpip_{64DBF048-CBFA-4B32-8851-B7CE04C06F91}</Data>
</EventData>
</Event>
I also tried to check network packets with WireShark but this is beyond my knowledge.
I don't know what else to check so I will appreciate any suggestions where to dig. I am not an expert with network technologies and VPN in particular but can understand instructions and use required tools.
Thanks in advance.
P.S. sorry if my English not correct sometimes.
vpn windows-10
asked Jan 24 '16 at 11:12
alxK
613
migrated from serverfault.com Jan 24 '16 at 12:11
This question came from our site for system and network administrators.
add a comment |
When I connect both to Fortinet SSL VPN and to Cisco VPN at the same time, I cannot use network provided by Forticlient (i.e. my PC cant see remote hosts, ping timeouts). Cisco VPN network works fine though. When I disconnect Cisco VPN, I can ping network resources again, can connect via RDP ans so on. Reproducing in 100% cases, very easy to catch (but not to find underlying issue with skills I have).
Microsoft Windows 10 Pro x64
Forticlient 5.4.0.0780
Cisco Systems VPN Client 5.0.07.0440
My setup is mostly identical to what I had in previous Windows versions.
But there is one important difference related to CiscoVPN. It doesn't work in 10 out of the box so I followed this guide: http://www.gleescape.com/posts/2917.
- Installed Sonic VPN (it added DNE filter to all network adapters).
- Changed registry key "HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesCVirtA" as
described (removed '@oem8.inf,%CVirtA_Desc%;' from beginning).
Same result with disabled Firewall and HIPS (provided by Comodo). Windows Firewall is always disabled.
I tried to make routing table same as without Cisco VPN (it adds routes when connected) bu it didn't help.
This problem is relevant only for Windows 10 (before and after Threshold 2). I had no problems with Windows 7 and Windows 8.1. Also I had to reinstall Windows 10 once but problem reoccurred after clean install (i.e. it didn't ever work on Windows 10 for me).
I browsed sqlite db "C:Program Files (x86)FortinetFortiClientlogsfclog.dat". There are no entries for the time when I reproduce issue.
There are no relevant windows events (I checked system and applications log).
The only event related to network:
<System>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<Provider Name="BROWSER" />
<EventID Qualifiers="16384">8033</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2016-01-24T08:57:04.695616600Z" />
<EventRecordID>36757</EventRecordID>
<Channel>System</Channel>
<Computer>GROBIK2015</Computer>
<Security />
</System>
<EventData>
<Data>DeviceNetBT_Tcpip_{64DBF048-CBFA-4B32-8851-B7CE04C06F91}</Data>
</EventData>
</Event>
I also tried to check network packets with WireShark but this is beyond my knowledge.
I don't know what else to check so I will appreciate any suggestions where to dig. I am not an expert with network technologies and VPN in particular but can understand instructions and use required tools.
Thanks in advance.
P.S. sorry if my English not correct sometimes.
vpn windows-10
asked Jan 24 '16 at 11:12
alxK
613
When I connect both to Fortinet SSL VPN and to Cisco VPN at the same time, I cannot use network provided by Forticlient (i.e. my PC cant see remote hosts, ping timeouts). Cisco VPN network works fine though. When I disconnect Cisco VPN, I can ping network resources again, can connect via RDP ans so on. Reproducing in 100% cases, very easy to catch (but not to find underlying issue with skills I have).
Microsoft Windows 10 Pro x64
Forticlient 5.4.0.0780
Cisco Systems VPN Client 5.0.07.0440
My setup is mostly identical to what I had in previous Windows versions.
But there is one important difference related to CiscoVPN. It doesn't work in 10 out of the box so I followed this guide: http://www.gleescape.com/posts/2917.
- Installed Sonic VPN (it added DNE filter to all network adapters).
- Changed registry key "HKEY_LOCAL_MACHINESYSTEMCurrentControlSetServicesCVirtA" as
described (removed '@oem8.inf,%CVirtA_Desc%;' from beginning).
Same result with disabled Firewall and HIPS (provided by Comodo). Windows Firewall is always disabled.
I tried to make routing table same as without Cisco VPN (it adds routes when connected) bu it didn't help.
This problem is relevant only for Windows 10 (before and after Threshold 2). I had no problems with Windows 7 and Windows 8.1. Also I had to reinstall Windows 10 once but problem reoccurred after clean install (i.e. it didn't ever work on Windows 10 for me).
I browsed sqlite db "C:Program Files (x86)FortinetFortiClientlogsfclog.dat". There are no entries for the time when I reproduce issue.
There are no relevant windows events (I checked system and applications log).
The only event related to network:
<System>
<Event xmlns="http://schemas.microsoft.com/win/2004/08/events/event">
<Provider Name="BROWSER" />
<EventID Qualifiers="16384">8033</EventID>
<Level>4</Level>
<Task>0</Task>
<Keywords>0x80000000000000</Keywords>
<TimeCreated SystemTime="2016-01-24T08:57:04.695616600Z" />
<EventRecordID>36757</EventRecordID>
<Channel>System</Channel>
<Computer>GROBIK2015</Computer>
<Security />
</System>
<EventData>
<Data>DeviceNetBT_Tcpip_{64DBF048-CBFA-4B32-8851-B7CE04C06F91}</Data>
</EventData>
</Event>
I also tried to check network packets with WireShark but this is beyond my knowledge.
I don't know what else to check so I will appreciate any suggestions where to dig. I am not an expert with network technologies and VPN in particular but can understand instructions and use required tools.
Thanks in advance.
P.S. sorry if my English not correct sometimes.
vpn windows-10
vpn windows-10
asked Jan 24 '16 at 11:12
alxK
613
asked Jan 24 '16 at 11:12
alxK
613
asked Jan 24 '16 at 11:12
alxK
613
asked Jan 24 '16 at 11:12
alxK
613
asked Jan 24 '16 at 11:12
alxK
613
613
migrated from serverfault.com Jan 24 '16 at 12:11
This question came from our site for system and network administrators.
migrated from serverfault.com Jan 24 '16 at 12:11
This question came from our site for system and network administrators.
add a comment |
add a comment |
1 Answer
1
active
oldest
votes
I had a similar issue after installing FortiClient 5.4. Could not ping or connect to Remote Desktop even though FortiCleint VPN would connect.
After reading your issue and several unrelated ones, I uninstalled Dell SonicWall (only installed to support Cisco 5.0.07) and Cisco 5.0.07 and I was back in business. Not sure which of the two were the cause. Not sure how much this helps if you have to keep the old Cisco client, but perhaps will provide a avenue for searching for a workable solution.
answered Jan 30 '16 at 19:13
Chris
1
Well, I don't need to uninstall Cisco VPN to have it working - Forti network becomes available immediately when I disconnect Cisco. But you're right, I need them both connected at the same time quite often.
– alxK
Feb 22 '16 at 13:51
@alxK Both of these clients throw default gateway to their respective VPN remote site. Whichever has the least priority determines which network remains accessible. So, you either need to provide routes yourself, that is, one subnet to one gw, another subnet to another gw, or find settings that would not make all traffic go through either VPN.
– Vesper
Jun 22 '17 at 15:02
add a comment |
Your Answer
StackExchange.ready(function() {
var channelOptions = {
tags: "".split(" "),
id: "3"
};
initTagRenderer("".split(" "), "".split(" "), channelOptions);
StackExchange.using("externalEditor", function() {
// Have to fire editor after snippets, if snippets enabled
if (StackExchange.settings.snippets.snippetsEnabled) {
StackExchange.using("snippets", function() {
createEditor();
});
}
else {
createEditor();
}
});
function createEditor() {
StackExchange.prepareEditor({
heartbeatType: 'answer',
autoActivateHeartbeat: false,
convertImagesToLinks: true,
noModals: true,
showLowRepImageUploadWarning: true,
reputationToPostImages: 10,
bindNavPrevention: true,
postfix: "",
imageUploader: {
brandingHtml: "Powered by u003ca class="icon-imgur-white" href="https://imgur.com/"u003eu003c/au003e",
contentPolicyHtml: "User contributions licensed under u003ca href="https://creativecommons.org/licenses/by-sa/3.0/"u003ecc by-sa 3.0 with attribution requiredu003c/au003e u003ca href="https://stackoverflow.com/legal/content-policy"u003e(content policy)u003c/au003e",
allowUrls: true
},
onDemand: true,
discardSelector: ".discard-answer"
,immediatelyShowMarkdownHelp:true
});
}
});
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1030629%2fwindows-10-cisco-vpn-and-forti-ssl-vpn%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
1 Answer
1
active
oldest
votes
1 Answer
1
active
oldest
votes
active
oldest
votes
active
oldest
votes
I had a similar issue after installing FortiClient 5.4. Could not ping or connect to Remote Desktop even though FortiCleint VPN would connect.
After reading your issue and several unrelated ones, I uninstalled Dell SonicWall (only installed to support Cisco 5.0.07) and Cisco 5.0.07 and I was back in business. Not sure which of the two were the cause. Not sure how much this helps if you have to keep the old Cisco client, but perhaps will provide a avenue for searching for a workable solution.
answered Jan 30 '16 at 19:13
Chris
1
Well, I don't need to uninstall Cisco VPN to have it working - Forti network becomes available immediately when I disconnect Cisco. But you're right, I need them both connected at the same time quite often.
– alxK
Feb 22 '16 at 13:51
@alxK Both of these clients throw default gateway to their respective VPN remote site. Whichever has the least priority determines which network remains accessible. So, you either need to provide routes yourself, that is, one subnet to one gw, another subnet to another gw, or find settings that would not make all traffic go through either VPN.
– Vesper
Jun 22 '17 at 15:02
add a comment |
I had a similar issue after installing FortiClient 5.4. Could not ping or connect to Remote Desktop even though FortiCleint VPN would connect.
After reading your issue and several unrelated ones, I uninstalled Dell SonicWall (only installed to support Cisco 5.0.07) and Cisco 5.0.07 and I was back in business. Not sure which of the two were the cause. Not sure how much this helps if you have to keep the old Cisco client, but perhaps will provide a avenue for searching for a workable solution.
answered Jan 30 '16 at 19:13
Chris
1
Well, I don't need to uninstall Cisco VPN to have it working - Forti network becomes available immediately when I disconnect Cisco. But you're right, I need them both connected at the same time quite often.
– alxK
Feb 22 '16 at 13:51
@alxK Both of these clients throw default gateway to their respective VPN remote site. Whichever has the least priority determines which network remains accessible. So, you either need to provide routes yourself, that is, one subnet to one gw, another subnet to another gw, or find settings that would not make all traffic go through either VPN.
– Vesper
Jun 22 '17 at 15:02
add a comment |
I had a similar issue after installing FortiClient 5.4. Could not ping or connect to Remote Desktop even though FortiCleint VPN would connect.
After reading your issue and several unrelated ones, I uninstalled Dell SonicWall (only installed to support Cisco 5.0.07) and Cisco 5.0.07 and I was back in business. Not sure which of the two were the cause. Not sure how much this helps if you have to keep the old Cisco client, but perhaps will provide a avenue for searching for a workable solution.
answered Jan 30 '16 at 19:13
Chris
1
I had a similar issue after installing FortiClient 5.4. Could not ping or connect to Remote Desktop even though FortiCleint VPN would connect.
After reading your issue and several unrelated ones, I uninstalled Dell SonicWall (only installed to support Cisco 5.0.07) and Cisco 5.0.07 and I was back in business. Not sure which of the two were the cause. Not sure how much this helps if you have to keep the old Cisco client, but perhaps will provide a avenue for searching for a workable solution.
answered Jan 30 '16 at 19:13
Chris
1
answered Jan 30 '16 at 19:13
Chris
1
answered Jan 30 '16 at 19:13
Chris
1
answered Jan 30 '16 at 19:13
Chris
1
1
Well, I don't need to uninstall Cisco VPN to have it working - Forti network becomes available immediately when I disconnect Cisco. But you're right, I need them both connected at the same time quite often.
– alxK
Feb 22 '16 at 13:51
@alxK Both of these clients throw default gateway to their respective VPN remote site. Whichever has the least priority determines which network remains accessible. So, you either need to provide routes yourself, that is, one subnet to one gw, another subnet to another gw, or find settings that would not make all traffic go through either VPN.
– Vesper
Jun 22 '17 at 15:02
add a comment |
Well, I don't need to uninstall Cisco VPN to have it working - Forti network becomes available immediately when I disconnect Cisco. But you're right, I need them both connected at the same time quite often.
– alxK
Feb 22 '16 at 13:51
@alxK Both of these clients throw default gateway to their respective VPN remote site. Whichever has the least priority determines which network remains accessible. So, you either need to provide routes yourself, that is, one subnet to one gw, another subnet to another gw, or find settings that would not make all traffic go through either VPN.
– Vesper
Jun 22 '17 at 15:02
Well, I don't need to uninstall Cisco VPN to have it working - Forti network becomes available immediately when I disconnect Cisco. But you're right, I need them both connected at the same time quite often.
– alxK
Feb 22 '16 at 13:51
Well, I don't need to uninstall Cisco VPN to have it working - Forti network becomes available immediately when I disconnect Cisco. But you're right, I need them both connected at the same time quite often.
– alxK
Feb 22 '16 at 13:51
@alxK Both of these clients throw default gateway to their respective VPN remote site. Whichever has the least priority determines which network remains accessible. So, you either need to provide routes yourself, that is, one subnet to one gw, another subnet to another gw, or find settings that would not make all traffic go through either VPN.
– Vesper
Jun 22 '17 at 15:02
@alxK Both of these clients throw default gateway to their respective VPN remote site. Whichever has the least priority determines which network remains accessible. So, you either need to provide routes yourself, that is, one subnet to one gw, another subnet to another gw, or find settings that would not make all traffic go through either VPN.
– Vesper
Jun 22 '17 at 15:02
add a comment |
Thanks for contributing an answer to Super User!
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Some of your past answers have not been well-received, and you're in danger of being blocked from answering.
Please pay close attention to the following guidance:
- Please be sure to answer the question. Provide details and share your research!
But avoid …
- Asking for help, clarification, or responding to other answers.
- Making statements based on opinion; back them up with references or personal experience.
To learn more, see our tips on writing great answers.
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
StackExchange.ready(
function () {
StackExchange.openid.initPostLogin('.new-post-login', 'https%3a%2f%2fsuperuser.com%2fquestions%2f1030629%2fwindows-10-cisco-vpn-and-forti-ssl-vpn%23new-answer', 'question_page');
}
);
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Sign up or log in
StackExchange.ready(function () {
StackExchange.helpers.onClickDraftSave('#login-link');
});
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Sign up using Google
Sign up using Facebook
Sign up using Email and Password
Post as a guest
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
Required, but never shown
