Troubleshooting VPN

The following might help if you have problems with VPN connection.

Mobile Devices

It is currently not possible to set up mobile devices, such as telephones and personal digital assistants (PDAs), to use this service; the majority of VPN/PPTP clients provided with devices are not compatible with the VPN service provided by the University.

VPN & Personal Firewalls

  • Personal firewalls installed on your computer need to be set to trust vpn.shef.ac.uk (or vpn1.shef.ac.uk) when prompted.
  • Try turning off any firewalls you have (Note: XP and Vista have their own internal firewall).

VPN & Web Browsers

  • If you have difficulty viewing webpages, your browser may be set (by your ISP's installation program) to use a proxy server - you will need to disable any such settings to allow the browser to work whilst using VPN.

Cisco Client & Connection Problems

  • Ensure you are running the latest version of the software.
    If in doubt, download and install the latest version of the software from the Cisco Client webpage.
  • Check with your Network or Internet Service Provider (ISP) that they permit the use of VPN from their services.
    Some secure networks, such as NHS Trusts, do not allow users to connect directly to other networks.
  • Follow the instructions given on the web pages PRECISELY.
    Type in all entries exactly as described.
    Words are case sensitive.
    Don't set any options unless the instructions say to.
    Pay particular attention to setting the Group Access username and password information - many problems seem to occur here.
  • The client will not work on the same PC as Microsoft's Internet Connection Sharing (ICS), but will work on other PCs which are using ICS to access the Internet.
  • The VPN server and client maintain their connection with "keepalive" messages. If your computer goes into sleep or standby mode for more than ~5 minutes, the network connection will be lost and the VPN session will be terminated.
  • Try connecting to the VPN service using the 'in-built' Windows or Macintosh PPTP client. This may help us to distinguish between a computer problem and an ISP problem.
    If PPTP - a very simple VPN client - does not work on a computer, then the problem is likely to be with your computer or the ISP connection, not VPN itself.
  • Ensure under Properties on the General Tab that Enable Transparent Tunnelling and Allow IPSec over UDP are checked (especially on Apple Mac).
  • There is a Cisco client utility for setting MTU - from the START menu, under Programs select Cisco Systems VPN Client and then Set MTU.

    Select the Network Adapter that you are using to connect to VPN. Check the MTU setting. For Ethernet and wireless adapters we recommend 1300. If 'Default' is selected, unselect this and set the MTU explicitly to 1300. You will need to restart the computer for the changes to take effect.

Resolving connection problems with Cisco Client

It's possible to create an event log to diagnose connection problems when using the Cisco Client.

To let us give you help, please:

  • Write down any messages that appear in the client connection history window.
  • Write down your IP address, the date and time when the failure occurred so that we can try to match the session with the logs on the server.
  • To start the Log Viewer:
    i) On the Cisco client window, click on the Log tab, then the Log Settings button and make sure that all entries are set to 3 - High.
    ii) Click the enable button.
    iii) Click on the Connection Entries tab.
    iv) Try to connect.
    v) Click on the log tab again and paste the log into an email message and send it to CiCS for analysis.