09-29-2011 09:44 AM
Hi, one of our mobile employees who is using network connect version 6.5.0 is having a strange problem, he has Cisco IP communicator installed on Windows XP, whenever the call is connected, he can hear other party (IP phone in corp office) fine, but not the other way around, Network connect log shows that packets from corp office IP phone are being received/de-crypted fine, but there is no packet being encrypted and sent to corp office IP phone. Un-install and re-install network connect client will fix the problem, but after laptop reboot, the problem happens again. There is no problem if he connects to corp network via Cisco IPsec VPN or SSL VPN. I suspect that Juniper network connect client software has some kind of conflict with other software the employee has on his laptop. Did you guys see the same problem?
A side question, I always had the impression that Juniper network connect client initiates SSL VPN to SA series gateway, but network client log shows that the connection is actually IPsec, why is that?
09-30-2011 02:10 AM
You might be affected by the problem discussed in KB21656 - see if disabling the QoS packet scheduler on the physical adaptor works around the problem.
10-01-2011 11:24 PM
To answer the latter part of your question, Network Connect, by default, uses ESP for the connection. This allows for a better data transfer experience using NAT-T for the communication with UDP rather than TCP of SSL.
For the other portion of the question, do other users on the same config work successfully? If you force SSL connections, does it work? Does the connection stay as ESP? Are both sides able to ping/tracert to each other?