Cisco Systems VPN Client Version 5.0.03.0560 Errors

Similar Messages

• Problem using SunRay with Cisco AnyConnect VPN Client

  I am using Cisco AnyConnect VPN Client Version 2.5.3046
  I  have a PC and a SunRay connected to my router. I use VPN to connect my  SunRay and my PC to my work computer. My PC works fine, I am able to  connect to the internet and also run cisco VPN to connect to my work  computer. But when I try to use my SunRay, I get a window on the screen  with the message:
      VPN IKE Phase 1 agg I msg1This window  keeps moving around on the screen. I am not able to connect my SunRay  through VPN to my work computer. Any idea what could be wrong and how I  can fix this?

  2.2 is definitely better.
  On one PC, I'm fine. On another -- very similar -- it tells me it can't start the VPN even after uninstalling and re-installing and everything else I can think of, with plenty of re-boots inbetween.
  Aaaaarrrrrrggggggghhhh.

• Cisco VPN Client Version 5.0.07.0440

  Upgraded to windows 8.1 and now cisco VPN not working
  Error message
  'SECURE VPN CONNECTION TERMINATED LOCALLY BY THE CLIENT
  REASON 440: DRIVER FAILURE
  Any help to resolve this would be appreciated. Thank you

  The Cisco VPN tends to have compatibility issues in Windows 8 & 8.1. You need to apply a small workaround as explained below –
  1. Open Registry editor by typing regedit in Run prompt
  2. Browse to the Registry Key HKEY_LOCAL_MACHINE\\SYSTEM\\CurrentControlSet\\Services\\CVirtA
  3. Select the DisplayName to modify, and remove the leading characters from the value
  data upto "%;" i.e.
  - For x86, change the value data from something like "@oem8.inf,%CVirtA_Desc%;Cisco Systems
  VPN Adapter” to "Cisco Systems VPN Adapter”
  - For x64, change the value data from something like "@oem8.inf,%CVirtA_Desc%;Cisco
  Systems VPN Adapter for 64-bit Windows” to "Cisco Systems VPN Adapter for 64-bit Windows”
  - Try connecting again
  Hope this will help.

• Configurate cisco ipsec vpn client at asa 5505 version 8.4

  Hi dear. I want to configurate cisco ipsec vpn client at asa 5505. At my asa the software version is 8.4.
  please provide me a link or some material to config ipsec vpn client at asa 5505 version 8.4
  thank you.

  are you looking for vpn client .pcf file or the configuration on ASA (ASDM) ?
  what version of vpn client ?

• Cisco AnyConnect VPN client and 256 AES encryption in IE8

  Hey,
  We have a site that we are trying to connect to with the AnyConnect VPN client version 2.5.3055 on Windows XP SP3. As soon as we enter the site info and hit select, it says a connection was unable to be established.
  I believe this has to do with the encryption, its set up with 256 bit AES. We are only able to install IE8, which on XP only supports up to 128 bit encryption, so in IE8 the page will not load. To fix that issue we installed firefox which supports 256 bit encryption. We can get to the page there, but when we go to connect to the same site VIA the VPN client it still will not connect. It will work fine on a windows 7 box with IE9 installed from the same network.
  My question mainly pertains to how the AnyConnect client connects on the back end. Does it use Internet explorer's SSL layer by default? Or does it have its own? If it connects through internet explorer, is there a way to change it to firefox so it will actually be able to open up a connection?
  Thank you for your answers in advance,
  John

  Hey Jeff,
  Thanks for answering that question. Hmm, so it doesnt go through the browsers SSL layer. We have systems on the same network (same proxy, firewall, vlan, etc). All the systems with windows XP SP3 and IE8/IE7 can not connect to the VPN (they arent even able to start the connection and ask for proxy/logon info.), all the systems with windows 7 and IE9 can. Same setups on each one as far as the security policies go as well. I thought it may have to do with the 256 bit encryption that they are using.
  If thats not the case, what else could be causing the problem? weve tested it on about 5 XP machines and 5 Win 7 machines, same results on each. Connects on Win 7, does not connect on Win XP.
  Thanks,
  John

• Cisco Systems VPN Driver installed without my authorization

  I just did a system software update, installing just the Security Update 2010-004. After rebooting I looked in the syslog and noticed for the first time a report of starting a Cisco Systems VPN driver:
  Wed Jul 21 14:03:59 mhackslab kernel[0] <Debug>: yukon: Ethernet address 00:1b:63:be:3c:6e
  Wed Jul 21 14:04:01 mhackslab rpc.statd[70] <Notice>: statd.notify - no notifications needed
  Wed Jul 21 14:04:01 mhackslab bootlog[85] <Notice>: BOOT_TIME: 1279742620 0
  Wed Jul 21 14:04:02 mhackslab com.apple.launchd[1] (com.apple.distccdConfigd[81]) <Warning>: Exited with exit code: 255
  Wed Jul 21 14:04:02 mhackslab fseventsd[77] <Critical>: bumping event counter to: 0x2bdc081c (current 0x0) from log file
  Wed Jul 21 14:04:12 mhackslab kextd[17] <Notice>: writing kernel link data to /var/run/mach.sym
  Wed Jul 21 14:04:12 mhackslab /System/Library/CoreServices/loginwindow.app/Contents/MacOS/loginwindow[73] <Error>: Login
  Wed Jul 21 14:04:13 mhackslab /usr/sbin/ocspd[104] <Alert>: starting
  Wed Jul 21 14:04:13 mhackslab com.apple.SystemStarter[68] <Notice>: Starting Cisco Systems VPN Driver
  Wed Jul 21 14:04:14 mhackslab com.apple.SystemStarter[68] <Notice>: kextload: /System/Library/Extensions/CiscoVPN.kext l
  Wed Jul 21 14:04:15 mhackslab kernel[0] <Debug>: CiscoVPN : attempting to attach to all available ethernet interfaces.
  Wed Jul 21 14:04:15 mhackslab kernel[0] <Debug>: CiscoVPN : checking if we are already attached to interface: en0
  Wed Jul 21 14:04:15 mhackslab kernel[0] <Debug>: CiscoVPN : no, not yet attached to interface: en0
  Wed Jul 21 14:04:15 mhackslab kernel[0] <Debug>: CiscoVPN : interface: en0, filter attached.
  Wed Jul 21 14:04:15 mhackslab kernel[0] <Debug>: CiscoVPN : current MTU for en0 is 1500, saving it.
  Wed Jul 21 14:04:15 mhackslab kernel[0] <Debug>: CiscoVPN : checking if we are already attached to interface: en1
  Wed Jul 21 14:04:15 mhackslab kernel[0] <Debug>: CiscoVPN : no, not yet attached to interface: en1
  Wed Jul 21 14:04:15 mhackslab kernel[0] <Debug>: CiscoVPN : interface: en1, filter attached.
  Wed Jul 21 14:04:15 mhackslab kernel[0] <Debug>: CiscoVPN : current MTU for en1 is 1500, saving it.
  Wed Jul 21 14:04:15 mhackslab kernel[0] <Debug>: CiscoVPN : loading cisco ipsec kernel module.
  Wed Jul 21 14:04:21 mhackslab kernel[0] <Debug>: display: Not usable
  My syslog goes back over a year and there is no prior report of such a driver being started. I don't think I have ever manually installed this driver. I have also listed all services by doing 'sudo launchctl list' and 'sudo launchctl bslist' and did not see any report of a Cisco service.
  I would like to know why the driver is now being started every time on bootup, what caused this to occur, and how I can prevent it.
  thanks,
  William Knight

  Hi,
    I suggest you to install the Latest Version of Cisco VPN 5.0.07.0440 : http://software.cisco.com/download/release.html?mdfid=281940730&softwareid=282364316&release=5.0.07.0440&os=Windows
  if you get the same Error try to turn off the Firewall and Connect again, if doesn't solve it you should contact with Cisco VPN Support: https://supportforums.cisco.com/community/netpro/security/vpn
  Regards,
  MCT / MCITP / MCTS / MCSA / MCSE / MCP / C|EH / CCNA

• Trouble with Cisco Anyconnect VPN Client

  Hello,
  our Cisco AnyConnect VPN Client has stopped working, we are a medical office and we are attempting to connect to "clientvpn.e-mds.com" however it will not connect, the username and password we input are irrelevant it doesnt come up with a "wrong credentials" window it just erases the password and at the bottom of the window it says "Please enter your username and password". our version is 2.5.0217 does anyone know anything to try? any help would be appreciated

  you may want to try the OS X networking forums:
  http://discussions.apple.com/forum.jspa?forumID=733

• What TCP/UDP ports need to be open for VPN Client version 4.8?

  What TCP/UDP ports need to be open for Cisco VPN Client version 4.8 to work?
  Thanks,

  Normally, you need the following ports and protocol :
  UDP 500
  UDP 4500
  ESP
  In case, you are using IPSec over TCP you have to open, TCP port 10000 or any other port you want to use for IPSec connections (Its configurable).
  -Kanishka

• Cisco IPSec VPN Client and sending a specific Radius A-V value to ACS 5.2

  This setup is to try routing Cisco VPN to either RSA or Entrust from Cisco ACS 5.2, depending on some parameter in incoming AUTH request from Cisco IPSec VPN Client 5.x. Tried playing with pcf files and user names/identity stores, none seems working

  Hi Tony,
  to the best of my knowledge this is currently not possible, but will be once this enhancement is implemented:
  CSCsw31922    Radius upstream VSAs (Tunnel Group,Client type) for VPN policy decisions
  You may want to try and ask in the AAA forum if there is anything you can do on ACS...
  hth
  Herbert

• Will the old Cisco VPN Client (version Windows - 5.0.07.0440) work on a 5510

  I plan to upgrade our Cisco ASA 5510 from 8.2 to 8.3.  However I have 20-30remote users running the older Cisco VPN Client that connect remotely to the ASA (version Windows - 5.0.07.0440 - not Anyconnect).  
  My question is will the upgrade to 8.3 still allow the users to use the same Cisco VPN client or will I need to upgrade each workstation to the newer Cisco AnyConnect?
  I appreciate any help that can be provided.  

  You can do that with no problem. Even the new 9.x ASA software is compatible with the old Cisco VPN client for IPSec remote access VPN.
  That client software might not work very well with newer client operating systems like Windows 8 but the ASA end will continue to allow them to connect.

• Idle timeout for cisco anyconnect vpn client

  Hi All,
  Can you please let me know how to set idle timeout for the cisco vpn client, I configured the idle timeout setting under the group policy for the ssl vpn but it is not making any difference, is there any bug in asa firmware ? but I am using the latest version 9.3(2) now but this change is not taking any effect.
  Please let me know if you need more information, config etc ?
  Thanks

  Hi Alex,
  That file is indeed subjected to the same download restrictions than the other Anyconnect client files. You should contact the person who provided you with the Anyconnect  client installer, or who is managing the ASA that you are connecting  to, asking her/him to get the file and provide it to you - that person  should have the necessary access rights.
  Alternatively there is a command line interface executable provided as part of the Anyconnect  client, which can return tunnel statistics (among which tunnel status) -  invoking that program and parsing the output should be doable from  pretty much any programming/scripting tool - not the most optimal  approach in C++ though, but you wouldn't need anything else than what is provided with the client software.
  The executable is with the other Anyconnect client files and is named vpncli.exe.
  Try vpncli -h to get the argument syntax.
  I hope it helps, please let me know.
  Best regards,
  Christophe

• Inbuilt cisco IPSEC vpn client and KeyLife Timeout setting...

  Hi Guys
  I am having issues with the in built cisco vpn client on the mac, I am currrently using Mac OSx 10.7.4
  I have a Fortigate 200B device and have setup the IPSec VPN settings to have a keylife of 86400 seconds.
  However the expereince I am having with the mac clients is that after about 50 minutes the users are being asked to re-authencate to the VPN...
  When checkin the debug logs I can see that the peer (mac client) is setting the phase 2 tunnel key lifetime to 3600 seconds which is 1 Hour...
  Usually in IPSec a re-negeotiation process takes place about 10 minutes or so before the key expires..
  My question is where are the VPN settings kept in the Mac... I know it uses Racoon for the IPSec exchange of key and so I would like to tweak the VPN profiles so that the mac sets the lifetime of the key to 86400 instead of 3600 by default...
  Also want to be able to set logging to debug mode for the Racoon application on mac clients.
  Your help is much appreciated
  Kind Regards
  Mohamed

  Hi Tony,
  to the best of my knowledge this is currently not possible, but will be once this enhancement is implemented:
  CSCsw31922    Radius upstream VSAs (Tunnel Group,Client type) for VPN policy decisions
  You may want to try and ask in the AAA forum if there is anything you can do on ACS...
  hth
  Herbert

• My AirPort Extreme stops responding when I VPN from my Win7 box via Cisco Connect VPN Client.

  Hi
  I just got a new Airport extreme. It seem to hang and stop respond all together each time I try to connect through via my VPN client ( Cisco Connect).
  What can I do to fix this?
  Thanks!

  This is the nature of VPN.  When you are connected through VPN, other network-attached devices (printers, other computers, scanners, etc) are unavailable to you.
  If you need to print while using VPN you will have to have a direct connected printer (using USB, for example). 
  Say thanks by clicking "Kudos" "thumbs up" in the post that helped you.
  I am employed by HP

• I have installed VPN CLIENT Version 4.9.01.0080

  I am getting a challenge with creating profiles as therre is no .pcf file exists bcoz I didnt preconfigure anything. Please assist with pointing me to the right direction,
  Here is my MacBook Pro 15" info:
  Model Name: MacBook Pro
  Model Identifier: MacBookPro8,2
  Processor Name: Intel Core i7
  Processor Speed: 2 GHz
  Number of Processors: 1
  Total Number of Cores: 4
  L2 Cache (per Core): 256 KB
  L3 Cache: 6 MB
  Memory: 4 GB
  System Version: Mac OS X 10.6.8 (10K549)
  Kernel Version: Darwin 10.8.0  

  Please give some more details such as your operating system. What do you mean by "cant be added"? How are you trying to delete it, and what happens when you try? Error messages received?

• Problem with VPN client on Cisco 1801

  Hi,
  I have configured a new router for a customer.
  All works fine but i have a strange issue with the VPN client.
  When i start the VPN the client don't close the connection, ask for password, start to negotiate security policy the show the not connected status.
  This is the log form the VPN client:
  Cisco Systems VPN Client Version 5.0.07.0290
  Copyright (C) 1998-2010 Cisco Systems, Inc. All Rights Reserved.
  Client Type(s): Windows, WinNT
  Running on: 6.1.7601 Service Pack 1
  Config file directory: C:\Program Files (x86)\Cisco Systems\VPN Client\
  1      14:37:59.133  04/08/13  Sev=Info/6          GUI/0x63B00011
  Reloaded the Certificates in all Certificate Stores successfully.
  2      14:38:01.321  04/08/13  Sev=Info/4          CM/0x63100002
  Begin connection process
  3      14:38:01.335  04/08/13  Sev=Info/4          CM/0x63100004
  Establish secure connection
  4      14:38:01.335  04/08/13  Sev=Info/4          CM/0x63100024
  Attempt connection with server "asgardvpn.dyndns.info"
  5      14:38:02.380  04/08/13  Sev=Info/6          IKE/0x6300003B
  Attempting to establish a connection with 79.52.36.120.
  6      14:38:02.384  04/08/13  Sev=Info/4          IKE/0x63000001
  Starting IKE Phase 1 Negotiation
  7      14:38:02.388  04/08/13  Sev=Info/4          IKE/0x63000013
  SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Nat-T), VID(Unity)) to 79.52.36.120
  8      14:38:02.396  04/08/13  Sev=Info/4          IPSEC/0x63700008
  IPSec driver successfully started
  9      14:38:02.396  04/08/13  Sev=Info/4          IPSEC/0x63700014
  Deleted all keys
  10     14:38:02.460  04/08/13  Sev=Info/5          IKE/0x6300002F
  Received ISAKMP packet: peer = 79.52.36.120
  11     14:38:02.460  04/08/13  Sev=Info/4          IKE/0x63000014
  RECEIVING <<< ISAKMP OAK AG (SA, VID(Unity), VID(dpd), VID(?), VID(Xauth), VID(Nat-T), KE, ID, NON, HASH, NAT-D, NAT-D) from 79.52.36.120
  12     14:38:02.506  04/08/13  Sev=Info/6          GUI/0x63B00012
  Authentication request attributes is 6h.
  13     14:38:02.460  04/08/13  Sev=Info/5          IKE/0x63000001
  Peer is a Cisco-Unity compliant peer
  14     14:38:02.460  04/08/13  Sev=Info/5          IKE/0x63000001
  Peer supports DPD
  15     14:38:02.460  04/08/13  Sev=Info/5          IKE/0x63000001
  Peer supports DWR Code and DWR Text
  16     14:38:02.460  04/08/13  Sev=Info/5          IKE/0x63000001
  Peer supports XAUTH
  17     14:38:02.460  04/08/13  Sev=Info/5          IKE/0x63000001
  Peer supports NAT-T
  18     14:38:02.465  04/08/13  Sev=Info/6          IKE/0x63000001
  IOS Vendor ID Contruction successful
  19     14:38:02.465  04/08/13  Sev=Info/4          IKE/0x63000013
  SENDING >>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONTACT, NAT-D, NAT-D, VID(?), VID(Unity)) to 79.52.36.120
  20     14:38:02.465  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  21     14:38:02.465  04/08/13  Sev=Info/4          IKE/0x63000083
  IKE Port in use - Local Port =  0xCEFD, Remote Port = 0x1194
  22     14:38:02.465  04/08/13  Sev=Info/5          IKE/0x63000072
  Automatic NAT Detection Status:
     Remote end is NOT behind a NAT device
     This   end IS behind a NAT device
  23     14:38:02.465  04/08/13  Sev=Info/4          CM/0x6310000E
  Established Phase 1 SA.  1 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system
  24     14:38:02.502  04/08/13  Sev=Info/5          IKE/0x6300002F
  Received ISAKMP packet: peer = 79.52.36.120
  25     14:38:02.502  04/08/13  Sev=Info/4          IKE/0x63000014
  RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from 79.52.36.120
  26     14:38:02.502  04/08/13  Sev=Info/4          CM/0x63100015
  Launch xAuth application
  27     14:38:07.623  04/08/13  Sev=Info/4          CM/0x63100017
  xAuth application returned
  28     14:38:07.623  04/08/13  Sev=Info/4          IKE/0x63000013
  SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to 79.52.36.120
  29     14:38:12.656  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  30     14:38:22.808  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  31     14:38:32.949  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  32     14:38:43.089  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  33     14:38:53.230  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  34     14:39:03.371  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  35     14:39:13.514  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  36     14:39:23.652  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  37     14:39:33.807  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  38     14:39:43.948  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  39     14:39:54.088  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  40     14:40:04.233  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  41     14:40:14.384  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  42     14:40:24.510  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  43     14:40:34.666  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  44     14:40:44.807  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  45     14:40:54.947  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  46     14:41:05.090  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  47     14:41:15.230  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  48     14:41:25.370  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  49     14:41:35.524  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  50     14:41:45.665  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  51     14:41:55.805  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  52     14:42:05.951  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  53     14:42:16.089  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  54     14:42:26.228  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  55     14:42:36.383  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  56     14:42:46.523  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  57     14:42:56.664  04/08/13  Sev=Info/6          IKE/0x63000055
  Sent a keepalive on the IPSec SA
  58     14:43:02.748  04/08/13  Sev=Info/4          IKE/0x63000017
  Marking IKE SA for deletion  (I_Cookie=2B1FFC3754E3B290 R_Cookie=73D546631A33B5D6) reason = DEL_REASON_CANNOT_AUTH
  59     14:43:02.748  04/08/13  Sev=Info/4          IKE/0x63000013
  SENDING >>> ISAKMP OAK INFO *(HASH, DWR) to 79.52.36.120
  60     14:43:03.248  04/08/13  Sev=Info/4          IKE/0x6300004B
  Discarding IKE SA negotiation (I_Cookie=2B1FFC3754E3B290 R_Cookie=73D546631A33B5D6) reason = DEL_REASON_CANNOT_AUTH
  61     14:43:03.248  04/08/13  Sev=Info/4          CM/0x63100014
  Unable to establish Phase 1 SA with server "asgardvpn.dyndns.info" because of "DEL_REASON_CANNOT_AUTH"
  62     14:43:03.248  04/08/13  Sev=Info/5          CM/0x63100025
  Initializing CVPNDrv
  63     14:43:03.262  04/08/13  Sev=Info/6          CM/0x63100046
  Set tunnel established flag in registry to 0.
  64     14:43:03.262  04/08/13  Sev=Info/4          IKE/0x63000001
  IKE received signal to terminate VPN connection
  65     14:43:03.265  04/08/13  Sev=Info/4          IPSEC/0x63700014
  Deleted all keys
  66     14:43:03.265  04/08/13  Sev=Info/4          IPSEC/0x63700014
  Deleted all keys
  67     14:43:03.265  04/08/13  Sev=Info/4          IPSEC/0x63700014
  Deleted all keys
  68     14:43:03.265  04/08/13  Sev=Info/4          IPSEC/0x6370000A
  IPSec driver successfully stopped
  And this is the conf from the 1801:
  hostname xxx
  boot-start-marker
  boot-end-marker
  enable secret 5 xxx
  aaa new-model
  aaa authentication login xauthlist local
  aaa authorization network groupauthor local
  aaa session-id common
  dot11 syslog
  no ip cef
  no ip dhcp use vrf connected
  ip dhcp excluded-address 10.0.1.1 10.0.1.10
  ip dhcp excluded-address 10.0.1.60 10.0.1.200
  ip dhcp excluded-address 10.0.1.225
  ip dhcp excluded-address 10.0.1.250
  ip dhcp pool LAN
     network 10.0.1.0 255.255.255.0
     default-router 10.0.1.10
     dns-server 10.0.1.200 8.8.8.8
     domain-name xxx
     lease infinite
  ip name-server 10.0.1.200
  ip name-server 8.8.8.8
  ip name-server 8.8.4.4
  ip inspect log drop-pkt
  ip inspect name Firewall cuseeme
  ip inspect name Firewall dns
  ip inspect name Firewall ftp
  ip inspect name Firewall h323
  ip inspect name Firewall icmp
  ip inspect name Firewall imap
  ip inspect name Firewall pop3
  ip inspect name Firewall rcmd
  ip inspect name Firewall realaudio
  ip inspect name Firewall rtsp
  ip inspect name Firewall esmtp
  ip inspect name Firewall sqlnet
  ip inspect name Firewall streamworks
  ip inspect name Firewall tftp
  ip inspect name Firewall vdolive
  ip inspect name Firewall udp
  ip inspect name Firewall tcp
  ip inspect name Firewall https
  ip inspect name Firewall http
  multilink bundle-name authenticated
  username xxx password 0 xxxx
  crypto isakmp policy 3
  encr 3des
  authentication pre-share
  group 2 
  crypto isakmp client configuration group xxx
  key xxx
  dns 10.0.1.200
  wins 10.0.1.200
  domain xxx
  pool ippool
  acl 101 
  crypto ipsec transform-set myset esp-3des esp-sha-hmac
  crypto ipsec transform-set xauthtransform esp-des esp-md5-hmac
  crypto dynamic-map dynmap 10
  set transform-set myset
  crypto map clientmap client authentication list userauthen
  crypto map clientmap isakmp authorization list groupauthor
  crypto map clientmap client configuration address respond
  crypto map clientmap 10 ipsec-isakmp dynamic dynmap
  archive  
  log config
    hidekeys
  interface ATM0
  no ip address
  no atm ilmi-keepalive
  pvc 8/35
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
  dsl operating-mode adsl2+
  hold-queue 224 in
  interface FastEthernet0
  interface FastEthernet1
  interface FastEthernet2
  interface FastEthernet3
  interface Vlan1
  ip address 10.0.1.10 255.255.255.0
  ip nat inside
  ip virtual-reassembly
  interface Dialer0
  ip address negotiated
  ip nat outside
  ip virtual-reassembly
  encapsulation ppp
  dialer pool 1
  ppp authentication chap callin
  ppp pap sent-username aliceadsl password 0 aliceadsl
  crypto map clientmap
  ip local pool ippool 10.16.20.1 10.16.20.200
  ip forward-protocol nd
  ip route 0.0.0.0 0.0.0.0 Dialer0
  ip route 0.0.0.0 0.0.0.0 10.0.1.2
  ip http server
  no ip http secure-server
  ip nat inside source list 1 interface Dialer0 overload
  ip nat inside source static udp 10.0.1.60 1056 interface Dialer0 1056
  ip nat inside source static tcp 10.0.1.60 1056 interface Dialer0 1056
  ip nat inside source static tcp 10.0.1.60 3111 interface Dialer0 3111
  ip nat inside source static udp 10.0.1.60 3111 interface Dialer0 3111
  ip nat inside source list 101 interface Dialer0 overload
  access-list 101 remark *** ACL nonat ***
  access-list 101 deny   ip 10.0.1.0 0.0.0.255 10.16.20.0 0.0.0.255
  access-list 101 permit ip 10.0.1.0 0.0.0.255 any
  access-list 150 remark *** ACL split tunnel ***
  access-list 150 permit ip 10.0.1.0 0.0.0.255 10.16.20.0 0.0.0.255
  control-plane
  line con 0
  no modem enable
  line aux 0
  line vty 0 4
  password xxx
  scheduler max-task-time 5000
  end 
  Anyone can help me ?
  Sometimes the vpn can be vreated using the iPhone or iPad vpn client...

  I am having a simuliar issue with my ASA 5505 that I have set up. I am trying to VPN into the Office. I have no problem accessing the Office network when I am on the internet without the ASA 5505. After I installed the 5505, and there is internet access, I try to connect to the Office network without success. The VPN connects with the following error.
  3 Dec 31 2007 05:30:00 305006 xxx.xx.114.97
  regular translation creation failed for protocol 50 src inside:192.168.1.9 dst outside:xxx.xx.114.97
  HELP?