Boot camp with Cisco VPN client and smart card

Similar Messages

• Problem with Cisco VPN client and HP elitebook 2530p windows 7 64-bit

  Hi there
  I have a HP Elitebook 2530p which i upgraded to windows 7 64-bit. I installed the Cisco VPN client application (ver. 5.0.07.0290 and also 64-bit) and the HP connection manager to connect to the internet through a modem Qualcomm gobi 1000 (that is inside the laptop). When I connect to the VPN, it connects (I write the username and password) but there is no traffic inside de virtual adapter for my servers. When I connect to the internet through wire or wireless internet, I connect de VPN client and there is no problem to establish communication to my servers.
  I tried everything, also change the driver and an earlier version of the HP connection manager application. I also talked to HP and they told me that there was a report with this kind of problem and it was delivered to Cisco. I don’t know where is the problem.
  Could anyone help me?
  Thanks to all.

  You can try to update Deterministic Network Enhancer to the below listed release which supports
  WWAN Drivers.
  http://www.citrix.com/lang/English/lp/lp_1680845.asp.
  DNE now supports WWAN devices in Win7.  Before downloading the latest version of DNEUpdate from the links below,  be sure you have the latest
  drivers for your network adapters by downloading them from the vendors’ websites.
  For 64-bit: ftp://files.citrix.com/dneupdate64.msi
  Hope that helps.

• User from certificate with Cisco VPN client and ASA (and radius)

  Hello,
  we are trying to migrate a vpn client connection from GROUP to certificate. We want that client uses the user from the certificate and doesn't ask user, only password. Is it possible? Now, with user certificate, you can connect as another user if you know the user and the password of the other user with your own certifcate.
  Thanks!
  Santiago.

  mrbacklash wrote:
  Ok with that being said will the MBA 11.6 1.4ghz have the guts to make it run mostly internet based programs over the VPN connection?
  I think if you are running apps over the Internet the bottleneck will be the Internet and your VPN bandwidth. Your computer can certainly execute faster than Internet communications.
  Besides, Internet or remote applications run on the remote server. All your local computer does is local processing of the data if necessary.
  Message was edited by: BobTheFisherman

• Mavericks VPN dropouts with native VPN client and Cisco IPSec

  Since update to Maverics I am experiencing VPN dropouts with native VPN client and Cisco IPSec
  I am connecting via a WIFI router to a remote VPN server
  The conenction is good for a while but eventually it drops out.
  I had Zero issues in mountain lion and only have issues since the update to 10.9
  I had similar issues in teh past with an unrelaibel wifi router but i am using a Verizon Fios router and it has worked impecably until mavericks
  My thoughts are:
  1 -issue with mavericks  ( maybe the app sleep funciton affecting eithe VPN or WIFI daemons)
  2- Issue with  cisco router compaitibility or timing with Cisco IPSEC
  3- Issue with WIFI itself on mavericks - some sort of WIFI software bug
  Any thousuggestions?

  Since update to Maverics I am experiencing VPN dropouts with native VPN client and Cisco IPSec
  I am connecting via a WIFI router to a remote VPN server
  The conenction is good for a while but eventually it drops out.
  I had Zero issues in mountain lion and only have issues since the update to 10.9
  I had similar issues in teh past with an unrelaibel wifi router but i am using a Verizon Fios router and it has worked impecably until mavericks
  My thoughts are:
  1 -issue with mavericks  ( maybe the app sleep funciton affecting eithe VPN or WIFI daemons)
  2- Issue with  cisco router compaitibility or timing with Cisco IPSEC
  3- Issue with WIFI itself on mavericks - some sort of WIFI software bug
  Any thousuggestions?

• Unable to access satellite offices with Cisco VPN client

  There are 4 sites:
  Main office - 192.168.0.x/24
  Sat office1 - 10.0.0.x/24
  Sat Office2 - 10.0.1.x/24
  Sat Office3 - 10.0.2.x/24
  All 4 offices are connected via MPLS using other Cisco routers from the telcom co. The user VPN endpoint is at the main office. (Cisco 1811)
  We can make the VPN connection with the Cisco VPN client and browse the 192 network all day long. We cannot access any of the other subnets over the VPN connection. Browsing the other subnets while physically at the main office is fine. This DID work in the past. Something changed that I cannot pinpoint, any ideas?
  Scope for the VPN endusers is 10.100.100.x/24
  Cisco VPN Client versions 4.x and 5.x (both affected)
  Thanks in advance

  Ken
  It is good to know that it did work in the past and then stopped working. That indicates that something changed. Is it possible that a software upgrade has been done and that the change is behavior is reflecting a different version of IOS? (I suspect that is is possible but not so likely - but we need to ask.)
  My guess is either that there was some change in the routing logic or that the access lists which indicate what traffic is to be protected by the VPN used to include remote to remote but has been changed for some reason.
  Could you post the configuration of the main office 1811?
  Another question that occurs to me is whether the main office 1811 is directly connected to the Internet or does it go through some firewall? If if goes through some firewall is it possible that there has been some change in the firewall rules that is denying the remote to remote traffic?
  HTH
  Rick

• Cisco VPN client and License

  Hello,
  We have a Cisco ASA 5520 with the VPN PLus License and 8.04 IOS installed, we want to set up vpn access to our users. We can use the cisco VPN client which works on WIndows Platform, but we also have MAC OS 10.7 which works only with Cisco Anyconnect.
  I am a little bit lost with all the client and the license, actually we can't setup more than 2 vpn session with an Anyconnect client installed on MAC or Windows. The authentication is by Certificate, the first two connect fine, but the third one don't connect and prompt for a username / password.
  I joined a SH VER of my ASA, if anyome can tell me what is wrong on the license or perhaps it's a configuration problem?
  Thanks a lot for the answer.
  Mathieu.
  fw-eps-02# sh ver
  Cisco Adaptive Security Appliance Software Version 8.0(4)
  Device Manager Version 6.4(1)
  Compiled on Thu 07-Aug-08 20:53 by builders
  System image file is "disk0:/asa804-k8.bin"
  Config file at boot was "startup-config"
  fw-eps-02 up 1 hour 36 mins
  Hardware:   ASA5520, 2048 MB RAM, CPU Pentium 4 Celeron 2000 MHz
  Internal ATA Compact Flash, 256MB
  BIOS Flash Firmware Hub @ 0xffe00000, 1024KB
  Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
                               Boot microcode   : CN1000-MC-BOOT-2.00
                               SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
                               IPSec microcode  : CNlite-MC-IPSECm-MAIN-2.05
  0: Ext: GigabitEthernet0/0  : address is c84c.75da.9a58, irq 9
  1: Ext: GigabitEthernet0/1  : address is c84c.75da.9a59, irq 9
  2: Ext: GigabitEthernet0/2  : address is c84c.75da.9a5a, irq 9
  3: Ext: GigabitEthernet0/3  : address is c84c.75da.9a5b, irq 9
  4: Ext: Management0/0       : address is c84c.75da.9a5c, irq 11
  5: Int: Not used            : irq 11
  6: Int: Not used            : irq 5
  Licensed features for this platform:
  Maximum Physical Interfaces  : Unlimited
  Maximum VLANs                : 150
  Inside Hosts                 : Unlimited
  Failover                     : Active/Active
  VPN-DES                      : Enabled
  VPN-3DES-AES                 : Enabled
  Security Contexts            : 2
  GTP/GPRS                     : Disabled
  VPN Peers                    : 750
  WebVPN Peers                 : 2
  AnyConnect for Mobile        : Disabled
  AnyConnect for Linksys phone : Disabled
  Advanced Endpoint Assessment : Disabled
  UC Proxy Sessions            : 2
  This platform has an ASA 5520 VPN Plus license.
  Serial Number: JMX1433L0Y3
  Running Activation Key: 0x3a17c153 0x8c141630 0xe0f3b5d4 0x86044ccc 0x47193392
  Configuration register is 0x40 (will be 0x1 at next reload)
  Configuration last modified by mgeffroy at 15:33:11.409 CEST Mon Jan 23 2012
  fw-eps-02#

  why don't you use built-in client in mac osx? it supports certificate authentication also.
  another solution would be to buy additional ssl vpn licences: there is a limit of two ssl vpn sessions by default.
  Sent from Cisco Technical Support iPad App

• Mac Pro kernel Panic with Cisco VPN Client

  After Having to rebuild my new Mac Pro 3 times I finally found that it was the Cisco VPN Client that was released for Intel in Feb. of this year that does not play nice with the new machines. Don't install or if it's too late boot into Safe Boot mode by holding your shift key during startup and then follow the instructions at the link below.
  http://itinfo.mit.edu/answer.php?id=8171

  Just a heads-up;
  the new Cisco VPN Client has now been released and fixes this issue.
  The version 4.9.01.0030 specifically resolves the following bugs:
  CSCsd51113 feature unity nonwindows set mtu vpnclient.ini field
  CSCsd51126 unity mac ppp intel fails with mismatch log message 10.4
  CSCsc56445 unity mac rebranding volume name voids rebranding files
  CSCsf19841 unity mac does not support 64 bit mac pro platform
  Cheers,
  Dan

• Cisco VPN client and mac mail

  Hi all,
  I wonder if someone can be more helpful than my uni IT department who take a minimum of a week to get you an IP address...
  My new uni uses Cisco VPN client for connection to the Wi-Fi network. It all works great apart from one (very annoying problem):-my e-mail accounts in mac mail don't seem to be able to connect via the VPN. I have had both an IMAP and a POP server e-mail account work automatically wherever I connect in the world for over a year now-so its not the way I've set up the accounts.
  Is there any way to get mac mail to "see" the VPN connection. If I have to physically plug-in my mac this seems a tad ridiculous when it works in every coffee shop with free wi-fi.
  My uni are not helpful as they want people to use either outlook or better still log-on to their e-mail using the web. I don't even want to use their e-mail-what is the point when I move jobs again in a year. What I do currently is use an IMAP account from my last job which I've set to forward to my "e-mail for life" from my undergrad uni. I basically only give out my life e-mail address and this also goes on all my papers.
  If I can't access this easily and sort all my mail in all the folders I've created to filter out things like facebook etc. I'm wondering what the point of mac mail is.

  Yeah, that stuff normally works for me. Unfortunately this is a situation where you have to use an external Cisco VPN client software, whether you like it or not. Its this horrible clunky thing (which at least half works I guess). So its only like normal wi-fi in terms of selecting the network, then you have to open up this application and put in your log-in etc. Most of the settings on this client seem locked, so there isn't much I can do to configure it.
  I've just got to my (temporary) accommodation which doesn't have wi-fi or VPN (just ethernet) and my mail is working again-so it must be the VPN. Goodness knows how it works with an iPod touch (interested in getting one but kind of pointless if I spend most of my time at work and it doesn't work...)
  Thanks for your suggestions though!

• Cisco VPN client and Novell and Panda AV

  I have found an issue with one of my clients PC's that prevents him from using network resources over the VPN tunnel.
  PC
  Win XP SP2
  VPN client - 5.0 (Newest download)
  Novell - Client 4.91 SP4 for win 4.91.4
  Panda AC 4.02.40
  Ok here's what happens
  I made a PCF file for a handful of users to connect in and be able to access 2 servers.
  On the machine with the above information installed. It will connect to the VPN. Everything seems fine but if I RDP or ping access to the server it will not go. I then installed it on my machine and it works.
  So I fully investigated the one PC that doesn't work. I noticed in the TCPIP stack of both the Ethernet card and the Cisco adaptor. There is a Novell client and a panda client.
  Now if I uncheck one or the other it works. (I know there's posts about panda not working and the posts are 2 years old) It will work with just panda or Novell. When I check both it fails.
  Now has anyone seen this issue with these two products installed on a machine with Cisco VPN.
  Also, who should this go to, Novell, Panda or both?

  I stated i did that and it works. Each one works when its the only thing checked.
  Thanks
  Though

• Cisco VPN client and SSH

  Hi,
  I am using Cisco VPN client 4.9.01.0180 to connect to remote server. From the Cisco client, I see that I am connecting to the remote server.
  Using the terminal, with command:
  ssh 192.168.1.2 or ssh [email protected] to connect to the remote server.
  However, the output is:
  ssh: connect to host 192.168.1.2 port 22: Operation timed out
  I don't know what is going wrong. The Cisco client 's setting is simple, and no problem using Windows. Do I have to modify the Mac OS?
  Regards,
  Terence

  hi,
  sorry for asking stupid. how and what did you change your subnet to ?
  i have almost the exact same problem (same client and on Windows it does work and I cannot ssh to a Mac in the work office) furthermore i am using a wireless connection (via Airport Express) ... not sure if that matters.
  do i just go into the Network Prefs and select the tcp/ip tab, and manually change the ip-addresses ?
  my settings (DHCP) currently are
  ip 10.0.1.2
  Subnet Mask 255.255.255.0
  Router 10.0.1.1
  The strange thing for me is that if I Remote Desktop to a PC (via VPN) on the same office net as the above Mac I cannot ssh (via Putty), but when i am physically at the PC i am able to ssh.
  any help appreciated
  ./allan

• Cisco VPN Client and Quick VPN interaction?

  I have both a Cisco VPN client for connecting to my company LAN and a QuickVPN client for connecting to my home LAN installed on my W2K laptop.  Both start and run correctly, and both connect just as they should.  My home LAN uses a WRV54G router to provide VPN connection.  I can alternate back and forth between the two clients and connect to each LAN with no obvious issues, but not at the same time, of course.
  Here's the question.  When I connect to the home LAN, I can log on with no problem and I can remotely administer the WRV54G with no problem.  I can ping all of the wired and wireless W2K computers on my home LAN with no problem.  However, I cannot "see", browse or map any of the shared resources on my home LAN.  I have created user accounts on the home LAN computers for my laptop and router logins and I have given these accounts permissions to my shared resources, but I still cannot get to them.  Linksys tech support has been absolutely no help whatsoever, even after repeated attempts.
  While trying to troubleshoot this myself, I've noticed that when the Cisco VPN client is running and I'm connected to my company LAN, the IP address and subnet of my computer is changed to ones assigned by the DHCP server at my company.  This seems to happen because the Cisco client activates the "Local Area Connection Number 2" on my laptop and assigns IP addresses using it.  However, when I'm using the QuickVPN client to connect to my home, the IP address and subnet of my laptop continues to be those assigned by whatever local network I'm connected to (e.g. hotel, etc).
  I'm wondering if the QuickVPN is supposed to be assigning an IP address and subnet to my laptop from the WRV54G's DHCP server when I connect to my home LAN.  If so, could the Cisco VPN client installed on my laptop be preventing that from happening?
  Sorry for the long post, but I'm at my wit's end on this one and Linksys is just no help at all.

  1. The Cisco VPN client creates a virtual interface on your computer. This allows you to route traffic to the tunnel. The QuickVPN client is simpler. It only encrypts the traffic to the other end. It does not use a virtual interface. That's why you don't have another IP address when connected with QuickVPN. QuickVPN only encrypts IP packets with IPSec from your computer to 192.168.1.* (or whatever you may use on your WRV LAN) and sends them to the WRV's public IP address.
  2. Microsoft Windows file sharing and LAN network browsing depends on network broadcasts. Those only work inside a LAN. If you connect from the outside to a LAN, broadcasts won't go through the VPN tunnel. This means you cannot use standard name windows workgroup name resolution to access shares. Those are propagated with broadcasts which will never go through the VPN tunnel. This means you are not able to use workgroup browsing. All you can to do access your shares is to use the IP address of the other computer.
  In short:
  \\mycomputer\share won't work
  \\192.168.1.50\share works
  (assuming the general sharing setup is O.K., i.e. you can use sharing correctly inside your LAN).
  Of course, firewalls on the server end may cause problems. Access comes in from a public IP address. This may be blocked. Check the firewall logs on the server to find out if this is the case or not.
  Moreover, establishing the VPN connection from a private LAN to a private LAN may not work. This is due to the double network address translation which breaks IPSec and thus the connection. If the hotel uses private IP addresses, this may be the case. But in that case you won't get ping responses from your WRV LAN.
  What definitively won't work is in case when the hotel uses the same IP address subnet as you. If the hotel uses 192.168.1.* addresses and your WRV uses 192.168.1.* addresses you cannot connect. QuickVPN does only IPSec tunneling. There is no address translation in QuickVPN. Therefore connecting the identical private IP address subnet through QuickVPN will never work because all addresses exists twice, once on either side.

• IP Communicator doesn't work with Cisco VPN Client

  Hi,
  Im having problem to connect  IP Communicator (either ver 2 or 7 )whenever using Cisco VPN Client 5.0.06.0160 for windows
  the IPC didn't register to the CUCM
  There's nothing showing on the screen
  but whenever im using  Anyconnect VPN Client, it works perfectly
  The remote side is using ASA5505
  Anyone can help ??
  Thanks

       It's probably an issue with the ASA configuration in your "group-policy attributes".  The "split-tunnel-network-list value" is pointing to an access list without the subnet for the call manager.  While your ssl group-policy for webvpn has a "split-tunnel network-list value" access-list which does contain the subnet for the call manager.
       The other issue could be that your using different ip pools for ipsec and ssl vpn.  The ip pool subnet that you might be giving out for ipsec might not be in your "no nat" acl.
  Jason

• Cisco ASA 5505, Cisco VPN Client and Novell Netware

  Hi,
  Our ISP have installed Cisco ASA 5505 firewall. We are trying to connect to our Novell 5.1 server using VPN client.
  I installed VPN client on a laptop that is using wireless connection. I connect using wireless signal from near by hotel and I am able to connect to my firewall usinging vpn client and also able to login in using Novell client for XP.
  When I use same vpn client and Novell client at home that is not using wireless connection, but DSL connection amd not able to login or find the tree.
  The only difference in two machine is laptop using wireless connection and my home machine is using wired connection using DSL.

  If your remote end of the services in question support IPsec IKEv1 as the VPN type then, yes - the 5505 can be a client for that service. At that point it looks like a regular LAN-LAN VPN which is documented in many Cisco and 3rd party how-to documents.

• Cisco VPN Client and Border Manager

  Don't know if this is the correct spot, but here goes. We are using BM 3.8sp4 using proxy, and NAT. We have a contractor that needs to access his company network using a Cisco VPN Client Ver 5. They have Enable Transparent Tunneling checked in the client and IPSec over TCP port 1000.
  Is this a filter exception to let it out or something else I need to set up?

  Port 1000, or 10000? (10,000 is something I've seen in the past, and
  is what I used for the example in my BMgr filtering book. See URL
  below).
  You would probably need to open two ports up, in FILTCFG, from private
  to public interfaces. First, IKE-st (UDP 500). Next, make a custom
  stateful one for port 1000 (or whatever), probably UDP.
  The last Cisco IPSec VPN client I used through BMgr needed UDP 500 and
  UDP 4500 opened, just like the Novell IPSec VPN client. So I was able
  to use the definitions supplied by Novell in FILTCFG. In your case,
  you will probably have to add at least one custom exception.
  Filter debug will tell you what is being filtered, if you know how to
  use it. Or get PKTSCAN.NLM from download.novell.com, load it on the
  server, and capture packets. Look at them on the server, or use
  Wireshark, and you will see what protocol/ports are being sent from the
  client IP address.
  Craig Johnson
  Novell Support Connection SysOp
  *** For a current patch list, tips, handy files and books on
  BorderManager, go to http://www.craigjconsulting.com ***

• Cisco VPN Client and Windows XP Home

  Hello,
  I cannot find any information to tell me whether Windows XP Home (Not XP Professional) is supported under ant Cisco VPN client 4.xx or 5.xx.
  We have several "home" users and when trying to install it just causes the pc to do a looping reboot.
  Can anyone advise please ?
  Scott

  Scott,
  Not sure if you read the release notes, but here they are are for V4.06 and V5.0:
  http://www.cisco.com/en/US/docs/security/vpn_client/cisco_vpn_client/vpn_client46/release/notes/46clnt.html#wp1207576
  http://www.cisco.com/en/US/products/sw/secursw/ps2308/prod_release_note09186a0080884df5.html#wp1207576
  I'm not seeing anything that prohibits XP Home, but there are several caveats that may have direct bearing on why your user's can't get it installed (administrative access to internal firewalls).
  HTH
  Steve