Confused with this ASA - VPN config issue

Similar Messages

• HT201342 I'm still confuse  with this iCloud mail. I have 2 device which is iPhone and iPad, why every time I receive a mail from my iPhone it doesn't show on my iPad? Can you maybe help me out here thank you

  I'm still confuse  with this iCloud mail. I have 2 device which is iPhone and iPad, why every time I receive a mail from my iPhone it doesn't show on my iPad? Can you maybe help me out here thank you

  The iphone and ipad must be connected to the same icloud account.  Are you by chance using different IDs to connect from each device?

• Really need some help with this low earpiece volume issue.

  I'm taking my iPhone to an Apple Store Genius tomorrow to check out the low volume in the earpiece. Has anyone else taken their phone in to an Apple Store and had the issue addressed? Are Geniuses just saying it is within spec? Has Apple published an article on this?
  I realize that people are also frustrated over the low speakerphone volume, but the low volume in the earpiece is particularly concerning.
  While traveling down the road it is very difficult to hear the person on the other end of the phone when using just the earpiece (no earbuds, no BT headset). The volume while using the earbuds is plenty loud.
  Can anyone please shed some new light on this? I have had my iPhone for one week and I've got a bad feeling in my gut that this is a hardware issue and the earpiece speaker can't go any louder. Bummer.
  (Obviously, all of my volume settings are maxed out).
  -Joe

  When the iPhones were first released, some people reported on their posts that they were able to take them to the Genius Bar, have a tech test it out, the tech would agree that the volume sounded low, and get their phone swapped right away. Unfortunately, there is no cut and dry answer because people have reported all sorts of different things- that the various software updates have fixed their volume, messing with the volume setting within iTunes, etc.
  Personally, I think it is a software glitch. Why? I did this: I was playing the iPod without the earbuds and the volume was only set midrange. I covered the speaker on the bottom, cranked up the volume, and the sound coming out of the receiver was MUCH louder than it ever is when I am using the iPhone on a call. That to me indicates that the low volume it just a glitch that can be fixed, because it CAN obviously sound louder, just within a different function. Hope that makes sense.
  Good luck tomorrow.

• Cannot use this version of Mail with this version of OSX issue again

  OK, so here's a new twist on an old favorite. Have been using Mail with no problems since the 10.5.8 update. Last night I shut my Mac down (something I rarely if ever do) and when I turned it on this morning and tried to launch Mac Mail, I got the error message about it not working with this version of OSX. Did NOT update the OS. Did NOT update mail or roll back Mail. Just shut down and turned it back on. Mail is version 3.5. Have tried all the usual fixes to no avail. Any ideas?
  Adam

  All of the above. All of them produced the error. Removed apple.com.mail.plist and restarted, and the problem persisted. My fix was downloading the 10.5.8 standalone updater and reinstalling. This produced the behavior removing the .plist should have and Mail started and I was able to reenter account info and re-index my old mailboxes. So, for now, fixed. But since this happened on its own without a recent install of anything system or 3rd party related, we'll see how long it lasts.
  Message was edited by: Adam Salerno
  Message was edited by: Adam Salerno

• What am I doing wrong with this filter (counter/frequency issue), probably another newb question.

  I extracted the part of my VI that applies here.  I have a 6602 DAQ board reading a counter for frequency, using a Cherry Corp proximity sensor.  Getting a lot of noise and errant ridiculously high readings.  Speed of shaft which it's measuring is currently 2400rpm with one pulse per revolution so 40hz. 
  Trying to use the express filter VI to clean up the signal and ignore anything over, say, 45hz and under 35hz.  No matter what setting I choose I continually get the  20020 error, Analysis:  The cut-off frequency, fc, must meet:  0 <= fc <= fs/2.  I know this relates to sample period somehow, but for the life of me I can't understand what I'm doing wrong. 
  I used this VI without filtering on bench tests with a hand-drill and got perfect output every time.  Now it's on the machine and being erratic.  Any help here will ease my stress level significantly, thanks.
  VI attached
  Still confused after 8 years.
  Attachments:
  RPM.vi ‏92 KB

  Hello Ralph,
  I'm not sure about mounting your sensor to your rig, but I can provide a couple ideas about the filtering. Depending on the type of noise, the digital filters on the PCI-6602 could help eliminate the behavior you are seeing. If the noise manifests as a "glitches" or a bouncing signal, you could use another counter with a minimum period to help eliminate the noise. This concept is discussed in greater detail in this KnowledgeBase. I noticed that you are using NI-DAQmx; the practical application of the digital filters on the PCI-6602 in NI-DAQmx is discussed in this KnowledgeBase. A more detailed description of the behavior of these filters is provided in the NI-DAQmx Help (Start>>All Programs>>National Instruments>>NI-DAQ) in the book entitled "Digital Filtering Considerations for TIO-Based Devices".
  I also wanted to comment on your original post and explain why you were receiving error -20020. For convenience, I have copied the text of the error code below.
  Error -20020 occurred at an unidentified location
  Possible reason(s):
  Analysis:  The cut-off frequency, fc, must meet:  0 <= fc <= fs/2.
  I think you may have misunderstood exactly what the Filter express VI does. The Filter express VI takes a series of values in a waveform and performs filtering on those signals. So, it will look at a waveform made up of X and Y values and apply the defined filter to this waveform. Specifically in your application, the cut-off frequency (fc) is the Upper Cut-Off level that you specified in the Filter express VI; any frequency components of the waveform outside of the range you have defined will be filtered. The fs is the sample rate based on the data that you wire to the Signal input of the Filter express VI. In your VI, this data is coming from the DAQ Assistant. So, fs will be the sample rate of the DAQ Assistant and is associated with the rate at which points are acquired. The sample rate does NOT relate to the bandwidth of the signal, except that the Nyquist theorem tells us that the sample rate must be at least twice the signal bandwidth in order to determine periodicity of the signal. So, in this case, the sample rate of the DAQ Assistant would need to be at least double the high cut-off frequency.
  However, you are performing a frequency measurement using a counter. I think this is where the confusion comes in. For the frequency measurement using a counter, the DAQ Assistant returns a decimal value which represents the rate of the pulse train being measured by the counter. It does not return the actual waveform that is being read by the counter. It is this waveform that would be band-pass filtered to eliminate frequency content outside of the filter's bandwidth. Instead of the Filter express VI, I would recommend that you simply discard values that are outside the range you specify. I have modified the code you posted earlier to perform this operation. The image below shows the changes that I made; rather than using the Filter express VI, I simply compare the frequency to the "Low Threshold" and "High Threshold". I use a Case structure to display the value on if it is within the limits. Otherwise, I display a "NaN" value. I have also attached the modified VI to this post.
  Message Edited by Matt A on 09-04-2007 07:58 PM
  Matt Anderson
  Hardware Services Marketing Manager
  National Instruments
  Attachments:
  RPM (Modified).JPG ‏17 KB
  RPM (modified).vi ‏72 KB

• Who can I contact about getting some help with this ongoing (several months) issue???

  I will try to make a long story at least somewhat shorter.Comcast customer for 20 years (yes - literally 20 uninterrupted years). 8 years of service at current address.Several months ago I restructure my bill - all my promotions etc had run out and I wanted to reduce my bill.  Ended up being told my customer support that I could save money by getting the "Triple Play" (I've NEVER had comcast phone service, I have my own VOIP phone solution).  They told me I didn't have to "use" the phone, just getting it hooked up would save me money.  Fine.Internet service was not supposed to have been touched / changed at all. A few days after making these changes, a large box from Comcast shows up at the house.  It has TWO cable modems in the box.  Not sure why they sent them - I already had the latest cable modem (that was capable of supporting the phone service they needed to activate). Notified comcast about the shipment.  They said don't worry about it.  Okay, I left them in the box. Tech shows up at house while I'm working.  Wife called and I talked to tech. He said he just needed to get some "numbers" off the modem to activate the phone service (I'm in the IT industry - I will assume he wanted MAC / SN#'s).  I made sure he was making no changes to the modem itself - I've got my own home network setup.  The Comcast cable modem serves as a gateway and it's in bridged mode.  Always has been. I have my own router etc. So a week or so after that visit, the modem started losing connectivity.  It happens almost EVERY DAY and it's almost always in the later afternoon (5:30-7pm EST) and sometimes late at night.  When this happens, the ONLY way to get the connection back is to unplug modem power AND the coax cable input.  It will then restart the modem and it comes back.  Simply unplugging power and restarting will not do it. After multiple hours spent with support on the phone (we activated the newest modem they sent - same issue.  Activated the other modem they sent - same issue.  In fact they weren't able to put one of them in bridged mode at all). They said a tech needed to come out. Tech comes out - checks the feed to the house.  Said there is a lot of noise in the lines.  (Please note that there is one main comcast feed to my house - it splits outside (in the comcast locked box) into two feeds which enter the house. One feed splits and runs the upstairs TV's (Digital Adapters) and the downstairs STB / DVR.  The other feed goes DIRECTLY to my cable modem. I ran those feeds myself when I moved in this house.  Never had an issue before. Cable TV never has issue - only internet.   So the tech replaced some ends on the upstairs line (Cable TV - he said that signal noise could cause issues with the internet).  I then helped the tech run a BRAND NEW line from the split at the comcast box, directly to the modem.  He said the signal / noise looked much better. Next day - same ISSUE - modem dropped connection.  Pull power and coax cable, reseat, modem restarts, signal comes back. I called support again.  They gave me an incident #.  Said they would have a "Crew supervisor" contact me, since it's obvious the problem lies outside of my home. A tech called and left a voice mail on my phone (was working when it came in, couldn't answer).  They did not leave a call back number. Called support again.  They told me a tech would call me back and was advised to leave a call back number.  That was MONDAY of last week.  Haven't heard anything.  The contact # is my cell...no missed calls. Is there another number I can call or email address so I can escalate this issue?  Having to disconnect / reconnect the modem EVERY DAY at least once is getting tiresome.   I'm in the Richmond Virginia area if it matters at all. Thanks.

  ctandc-
  I am so sorry for the delay! I am sending you a private message so that we can discuss your billing concerns more freely.
  At the top of each Forum page, you will see a small gray envelope icon. This icon will have a number next to it if you have any new messages waiting. To open a PM to read it, double click on the envelope. If you click on the white envelope a window will open with tabs for your Private Message Inbox, Sent Messages, Friends, Ignored Users, and Compose new Message. You can also access this area by clicking on the Username in a Thread or post. By default, Private Messages are enabled. You can disable this feature in My Settings>Preferences> Private Messenger.

• Bloody confused with this Video thing

  Ok look. I downloaded videos from Kazaa ages ago an wanna put them on my Ipod. Yet this seems impossible. Ive been on "File-Add file to library".. but nothing happens. Nothing works why why why ARRRGGGGHHHHH lmao

  i hear you load and clear and urge you to fight back against apple. I've started a thread about this known problem, "Very upset that I can not put videos on my 5g 60gb ipod".
  what you are trying to do will not work for various reasons, first the software will not tranfer video files properly, it seems to crash/hang when doing so (if its a legit file format it can play). second, it will only play certain file formats, mainly .mp4, in the future apple plans to update the firmware so it can accept avi and other file versions, maybe. thirdly, no software came bundled with your new 5g ipod. this means right out of the box there is NO method to take your videl file collection and ut it on the ipod - you will not be able to. Apples solution and where they get you into thinking it can do what you think is because with Itunes you can surf to their website and pay/download movie trailers and music videos for a narrow selection. Thats the only way you'll get digital video onto it right now.
  alternative solution is to use 3rd party applications like Imtoo Mpeg encoder or Imtoo psp video converter or Videora v2.0, however please note, they may work but for the most part these 3rd party applications tend to fail when trying to convert the video and offer little to no tech support.
  In the end, because I've spent weeks with apple on the phone trying to find a solution, you won't be able to get your videos on the ipod, thats just the plain and simple answer. I reocmmend you forget about trying video and just use it as an mp3 player as there is no real method to create/upload digital video content onto your new 5g ipod. sad but very true and this is where I want apple to admit the problem exists and correct it. I want apple to stop the lies.

• Can somebody please help me with this? Security code issue; very small code

  Hi All, Iam a Unix admin and trying to learn Java/weblogic. I have a JSP and iam trying to run on my weblogic 81 Service Pack version 3.
  My following code failed to work and giving me some security exceptions. Then in my weblogic console i saw
  Domain Wide Security Settings > Anonymous Admin Lookup Enabled
  The above checkbox is disabled. When i enabled, it worked. I talked to my company "Security" folks and they do not allow this checkbox to be enabled. they are saying fix your code problem......
  if somebody can please let me know what a probable fix would, that be great and very helpful.
  try{
  Environment env = new Environment();   
  javax.naming.InitialContext ic = new InitialContext();
  MBeanHome home = (MBeanHome) ic.lookup(MBeanHome.LOCAL_JNDI_NAME);
  DomainMBean dom = home.getActiveDomain();
  Set s = home.getMBeansByType("ServerRuntime");
  ServerRuntimeMBean srmb = (ServerRuntimeMBean) s.iterator().next();
  WebLogicObjectName on = new WebLogicObjectName(home.getDomainName()+":Location="+srmb.getName()+",Name="+srmb.getName()+",Type=ServerConfig");
  //WebLogicObjectName on = new WebLogicObjectName(Name="+srmb.getName()+",Type="ServerConfig",Domain="+home.getDomainName()+",Location="+srmb.getName()+");
  ServerMBean server = (ServerMBean) home.getMBean(on);
  ClusterMBean cluster = null;
  if( server != null)
      cluster = server.getCluster();

  did i asked such a dumb question? ... :)Well, yes, sort of. The problem description "My following code failed to work and giving me some security exceptions" doesn't have nearly enough details. Such as, what exceptions, what is it supposed to do, what did it do instead, that sort of thing.

• On closing Photoshop CC, I am getting an error message on screen that read's "Selective Palette error: no element found at line 1. Are you able to assist with this problem?

  Can anyone shed some light on this error message I am getting upon closing Photoshop CC
  I am getting an error message on screen that read's "Selective Palette error: no element found at line 1. Are you able to assist with this problem?

  Same issue here in WI and for me it was at 6:36p CST.
  I'm changed my password, removed iCloud from my phone ... tried 3G and WIFI with no luck. I also cannot check it on my Mac or iPad. I was able to get contacts and calenders back on my phone but no mail yet.
  Did the whole Apple support thing and apparently I'm part of the 1%
  EDIT: Question: are all of you former MobileMe users as well? Just wondering because I know there were going to be some changes as they completely move MobileMe over to iCloud and drop the "extra" services. I just can't remember if it was just a single cut off date or a series of dates. THAT email is stuck in my iCloud folders.

• I'm trying to download the latest version of iTunes and get the message "There is a problem with this Windows Installer package. A program required for this install to complete could not be run." I have no clue what to do with this.

  I'm trying to download the latest version of iTunes and get the message "There is a problem with this Windows Installer package. A program required for this install to complete could not be run." I have no clue what to do with this to resolve the issue. Thanks for any help!

  Repair your Apple software update.
  Go to START > ALL PROGRAMS > Apple Software Update. If it offers you a newer version of Apple Software Update, do it but Deselect any other software offered at the same time. Once done, try another iTunes install
  If you don't find ASU, go to Control Panel:
  START > CONTROL PANEL/ > Add n Remove Programs, highlight ASU and click CHANGE then REPAIR

• Socket Programing in J2ME - Confused with Sun Sample Code

  Hai Everybody,
  I have confused with sample code provided by Sun Inc , for the demo of socket programming in J2ME. I found the code in the API specification of J2ME. The code look like :-
  // Create the server listening socket for port 1234
  ServerSocketConnection scn =(ServerSocketConnection) Connector.open("socket://:1234");
  where Connector.open() method return an interface Connection which is the base interface of ServerSocketConnection. I have confused with this line , is it is possible to cast base class object to the derived class object?
  Plese help me in this regards
  Thanks in advance
  Sulfikkar

  There is nothing to be confused about. The Connector factory creates an implementation of one of the extentions of the Connection interface and returns it.
  For a serversocket "socket://<port>" it will return an implementation of the ServerSocketConnection interface. You don't need to know what the implementation looks like. You'll only need to cast the Connection to a ServerSocketConnection .

• WHAT is up with this ipod touch ???

  this is the second time i've encountered the problem where it stops while a song is playing then moves on to the next song. this must be the 3rd time i've restored the device and it's still happening.
  and don't talk to me about updating to the latest itunes, the version i have installed is 2 updates behind the latest. the reason why is that every time i install the latest itunes, it never starts up right and gives me errors.
  really, what is up with this bs ? Apple issues more fixes/updates to their software/hardware than normal.....

  Audio:
  http://support.apple.com/kb/TS1362
  Ejecting iPod using Windows Explorer on Windows Vista may corrupt iPod
  http://docs.info.apple.com/article.html?artnum=305289
  Troubleshooting CD
  http://docs.info.apple.com/article.html?artnum=305422
  Thread: importing songs from iPod
  http://discussions.apple.com/message.jspa?messageID=7065803#7065803
  Vista video playback performance issues
  http://docs.info.apple.com/article.html?artnum=305392
  iTunes audio playback Vista
  Disk drive fragmentation? files needing to be "reassembled" from discreet sectors? (that could impact audio)...

• Let's see who can help with this applet

  Hello. I am new in Java and confused with this assignment.
  I have to write an applet for a store that sells 8 products
  whose retails prices are Product 1 - $2.98, Product 2 - $4.50, Product 3 - $9.98, Product 4 - $ 4.49, Product 5 - $ 6.87,
  Product 6 � $ 12.37, Product 7 - $ 14.30 and Product 8 - $ 11.40.
  The applet: 1) Has an intro message to a store named for you, where you describe what products they have, 2) Reads a series of pairs of numbers: Product Number and Quantity Number.
  Use a switch structure to determine the retail prices for each product. Use "TextField" to obtain the product number from the user. Use a �sentinel controlled� loop to determine when the program should stop looping to display the final result (I used number -1 as sentinel). Display the total value of all products sold.
  This is the program I wrote:
  //java core packages
  import java.awt.*;
  import java.awt.event.*;
  import java.text.NumberFormat;
  import java.util.Locale;
  // Java extension packages
  import javax.swing.*;
  public class MYSHOP extends JApplet implements ActionListener {
  // GUI componentes
  JLabel productNumLabel, quantityNumLabel;
  JTextField productNumField, quantityNumField;
  // variables
  double subtotal = 0;
  double total = 0;
  public void init()
  // display intro message
  JOptionPane.showMessageDialog( null, "Welcome toablabla.\nWe
  offer you blablabla\nClick OK to start shoping",
  "Company information", JOptionPane.PLAIN_MESSAGE );
  // obtain content pane and set its layout to FlowLayout
  Container container = getContentPane();
  container.setLayout( new FlowLayout() );
  // create productNumLabel, productNumField and attach them to
  // content pane
  productNumLabel = new JLabel( "Enter Product Number (-1 to
  quit):" );
  productNumField = new JTextField( 4 );
  productNumField.addActionListener( this );
  container.add( productNumLabel );
  container.add( productNumField );
  // create productNumLabel, productNumField and attach them to
  // content pane
  quantityNumLabel = new JLabel("Enter Quantity:");
  quantityNumField = new JTextField( 4 );
  quantityNumField.addActionListener( this );
  container.add( quantityNumLabel );
  container.add( quantityNumField );
  } // end method init
  public void actionPerformed( ActionEvent actionEvent )
  int index = Integer.parseInt( productNumField.getText() );
  int ammount = 0;
  while ( index != -1 )
  NumberFormat moneyFormat =
  NumberFormat.getCurrencyInstance( Locale.US );
  if( actionEvent == quantityNumField.getText() )
  ammount = Integer.parseInt( quantityNumField.getText() );
  switch (index)
  case 1:
  subtotal += ( 2.98 * ammount );
  break;
  case 2:
  subtotal += ( 4.5 * ammount );
  break;
  case 3:
  subtotal += ( 9.98 * ammount );
  break;
  case 4:
  subtotal += ( 4.49 * ammount );
  break;
  case 5:
  subtotal += ( 6.87 * ammount );
  break;
  case 6:
  subtotal += ( 12.37 * ammount );
  break;
  case 7:
  subtotal += ( 14.30 * ammount );
  break;
  case 8:
  subtotal += ( 11.40 * ammount );
  break;
  case -1:showStatus( "The Total is: " + subtotal );
  System.exit(0);
  break;
  default:
  JOptionPane.showMessageDialog( null,"There is no
  such product", "ERROR",
  JOptionPane.ERROR_MESSAGE);
  } // end switch structure
  } // end while structure
  productNumField.setText(""); // clear productNum field
  quantityNumField.setText(""); // clear quantityNum field
  } // end method actionPerformed
  } // end class MYSHOP
  When I try to compile it, the error I get is "incomparable types: java.awt.event.ActionEvent and java.lang.String", in the line:
  if( actionEvent == quantityNumField.getText() )
  The error pointer points to "==" in that line
  What should I write in that line instead?
  Also, if someone realizes that some part of the code is in the wrong place, please tell me.
  Thanks in advance.

  Instead of
  if( actionEvent == quantityNumField.getText() ) I think you want
  if( actionEvent.getSource() == quantityNumField )HTH,
  Radish21

• Thoroughly Confused with ADSM created access-lists when viewing ASA config

  Background:
  I am trying to unravel a ASA 5550 config that has been created over several years, by multiple people, some who used ADSM, some who used CLI.
  None of them ever removed any lines from the configuration, and none did any documentation.
  I have several basic questions, which show my ignorance.
  When examining the actual configuration from a CLI perspective:
  1. Does an ADSM-created access list end with any specific ADSM-added suffix?
  2. When ANY access list is created in an ASA 5550, does it HAVE to be included in the access-group command to be functional? Can it also be functional if referenced in a "nat" command?
  3. If the access list does meet either of the criteria specified in question #2, is it completely non-functional?
  4. If an access list is applied to a logical or physical port that is shut down, is the access list functional?

  Actually, I don't think I ever made myself clear.
  I am working with a hard copy of the CLI.
  I have no acccess to the devices to run any commands, nor access to the ADSM.
  I have to get someone with access to the devices to get the CLI based config, or run any show commands for me.
  As stated before, it has been built and rebuilt by different people, some using CLI, some using ADSM, but no one ever cleaned up code or documented.
  I have probably 10-15 different access lists in this config.
  Some look to be affiliated with specific ports. Some of these ports are up, some down.
  I have the same rule sets appearing in 3 separate access lists, in some cases.
  Of course, each of these 3 access lists is slightly different.
  Here is the worst example I have to deal with, and hence why I need to know if an access-list can be active WITHOUT being defined in the access-group command AND AT THE SAME time NOT affiliated with a port.
  An example:
  3 access lists:
  Prmary_Public_access_in
  Primary_Public_access_in_tmp
  Arin_Primary_Public_access_in
  Primary_Public_access_in_tmp is associated with the Primary_Public interface, since it is defined in an access-group command.
  Arin_Public_Primary_access_in is associated with a logical port that is shutdown.
  Primary_Public_access_in does not appear to be directly associated with any one port
  So are Arin_Public_Primary_access_in and Primary_Public_access_in access lists that being referenced to manage traffic?

• Cisco ASA 5505 VPN connection issue ("Unable to add route")

  I'm trying to get IPSec VPN working onto a new Cisco ASA5505. Pretty standard configuration.
  Setup:
  * Cisco VPN client on Windows 7 (v5.0.07.0290 x64 on Laptop1 and v5.0.07.0440 x64 on Laptop2)
  * PPPoE/NAT and internal DHCP on the ASA were configured with the Startup Wizard in ASDM
  NATting is working fine - internal PCs get an IP address in the 192.168.2.0/24 range and can all access the Internet.
  I wanted to be able to connect from anywhere to the ASA in order to reach one of the internal servers. Should be pretty basic.
  First I tried with the built-in ASDM IPSec Wizard, instructions found here.
  VPN clients can connect to the ASA, are connected (until they're manually disconnected), but cannot reach the internal network nor the Internet. Note VPN client can connect fine to a different VPN site (not administered by myself).
  Client logs show following error messages:
  1 15:53:09.363 02/11/12 Sev=Warning/3     IKE/0xA300005F
  Firewall, Cisco Intrusion Prevention Security Agent, is not running, the client will not send firewall information to concentrator.
  2 15:53:13.593 02/11/12 Sev=Warning/2     CVPND/0xE3400013
  AddRoute failed to add a route with metric of 0: code 160
  Destination     192.168.1.255
  Netmask     255.255.255.255
  Gateway     172.16.1.1
  Interface     172.16.1.101
  3 15:53:13.593 02/11/12 Sev=Warning/2     CM/0xA3100024
  Unable to add route. Network: c0a801ff, Netmask: ffffffff, Interface: ac100165, Gateway: ac100101.
  4 15:54:30.425 02/11/12 Sev=Warning/2     CVPND/0xA3400015
  Error with call to IpHlpApi.DLL: CheckUpVASettings: Found IPADDR entry addr=172.16.1.101, error 0
  5 15:54:31.433 02/11/12 Sev=Warning/2     CVPND/0xA3400015
  Error with call to IpHlpApi.DLL: CheckUpVASettings: Found IPADDR entry addr=172.16.1.101, error 0
  6 15:54:32.445 02/11/12 Sev=Warning/2     CVPND/0xA3400015
  Error with call to IpHlpApi.DLL: CleanUpVASettings: Was able to delete all VA settings after all, error 0
  7 20:50:45.355 02/11/12 Sev=Warning/3     IKE/0xA300005F
  Firewall, Cisco Intrusion Prevention Security Agent, is not running, the client will not send firewall information to concentrator.
  8 20:50:50.262 02/11/12 Sev=Warning/2     CVPND/0xE3400013
  AddRoute failed to add a route with metric of 0: code 160
  Destination     192.168.1.255
  Netmask     255.255.255.255
  Gateway     172.16.1.1
  Interface     172.16.1.100
  9 20:50:50.262 02/11/12 Sev=Warning/2     CM/0xA3100024
  Unable to add route. Network: c0a801ff, Netmask: ffffffff, Interface: ac100164, Gateway: ac100101.
  I've already tried the suggestions from this link, although the problem is different there (as the user can still access the internet, even without split tunneling, which I cannot).
  A show run shows the following output (note in the below I have tried a different VPN network: 192.168.3.0/24 instead of 172.16.1.0/24 seen in the Client log)
  Result of the command: "sh run"
  : Saved
  ASA Version 8.2(5)
  hostname AsaDWD
  enable password kLu0SYBETXUJHVHX encrypted
  passwd 2KFQnbNIdI.2KYOU encrypted
  names
  interface Ethernet0/0
  switchport access vlan 2
  interface Ethernet0/1
  interface Ethernet0/2
  interface Ethernet0/3
  interface Ethernet0/4
  interface Ethernet0/5
  interface Ethernet0/6
  interface Ethernet0/7
  interface Vlan1
  nameif inside
  security-level 100
  ip address 192.168.2.254 255.255.255.0
  interface Vlan2
  nameif outside
  security-level 0
  pppoe client vpdn group DW-VPDN
  ip address pppoe setroute
  ftp mode passive
  access-list inside_nat0_outbound extended permit ip any 192.168.3.0 255.255.255.240
  pager lines 24
  logging enable
  logging asdm informational
  mtu outside 1500
  mtu inside 1500
  ip local pool DWD-VPN-Pool 192.168.3.5-192.168.3.15 mask 255.255.255.0
  icmp unreachable rate-limit 1 burst-size 1
  no asdm history enable
  arp timeout 14400
  global (outside) 1 interface
  nat (inside) 0 access-list inside_nat0_outbound
  nat (inside) 1 0.0.0.0 0.0.0.0
  timeout xlate 3:00:00
  timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
  timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
  timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
  timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
  timeout tcp-proxy-reassembly 0:01:00
  timeout floating-conn 0:00:00
  dynamic-access-policy-record DfltAccessPolicy
  http server enable
  http 192.168.2.0 255.255.255.0 inside
  http 0.0.0.0 0.0.0.0 inside
  no snmp-server location
  no snmp-server contact
  snmp-server enable traps snmp authentication linkup linkdown coldstart
  crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
  crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac
  crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac
  crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
  crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
  crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
  crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
  crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
  crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1
  crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
  crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP
  crypto map outside_map interface outside
  crypto isakmp enable outside
  crypto isakmp policy 10
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  telnet timeout 5
  ssh timeout 5
  console timeout 0
  vpdn group DW-VPDN request dialout pppoe
  vpdn group DW-VPDN localname fa******@SKYNET
  vpdn group DW-VPDN ppp authentication pap
  vpdn username fa******@SKYNET password *****
  dhcpd auto_config outside
  dhcpd address 192.168.2.5-192.168.2.36 inside
  dhcpd domain DOMAIN interface inside
  dhcpd enable inside
  threat-detection basic-threat
  threat-detection statistics access-list
  no threat-detection statistics tcp-intercept
  webvpn
  group-policy DWD internal
  group-policy DWD attributes
  vpn-tunnel-protocol IPSec
  username test password ******* encrypted privilege 0
  username test attributes
  vpn-group-policy DWD
  tunnel-group DWD type remote-access
  tunnel-group DWD general-attributes
  address-pool DWD-VPN-Pool
  default-group-policy DWD
  tunnel-group DWD ipsec-attributes
  pre-shared-key *****
  class-map inspection_default
  match default-inspection-traffic
  policy-map type inspect dns preset_dns_map
  parameters
  message-length maximum client auto
  message-length maximum 512
  policy-map global_policy
  class inspection_default
  inspect dns preset_dns_map
  inspect ftp
  inspect h323 h225
  inspect h323 ras
  inspect rsh
  inspect rtsp
  inspect esmtp
  inspect sqlnet
  inspect skinny
  inspect sunrpc
  inspect xdmcp
  inspect sip
  inspect netbios
  inspect tftp
  inspect ip-options
  service-policy global_policy global
  prompt hostname context
  no call-home reporting anonymous
  Cryptochecksum:3e6c9478a1ee04ab2e1e1cabbeddc7f4
  : end
  I've installed everything using the CLI as well (after a factory reset). This however yielded exactl the same issue.
  Following commands have been entered:
  ip local pool vpnpool 172.16.1.100-172.16.1.199 mask 255.255.255.0
  username *** password ****
  isakmp policy 1 authentication pre-share
  isakmp policy 1 encryption 3des
  isakmp policy 1 hash sha
  isakmp policy 1 group 2
  isakmp policy 1 lifetime 43200
  isakmp enable outside
  crypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
  crypto dynamic-map outside_dyn_map 10 set transform-set ESP-3DES-SHA
  crypto dynamic-map outside_dyn_map 10 set reverse-route
  crypto dynamic-map outside_dyn_map 10 set security-association lifetime seconds 288000
  crypto map outside_map 10 ipsec-isakmp dynamic outside_dyn_map
  crypto map outside_map interface outside
  crypto isakmp nat-traversal
  sysopt connection permit-ipsec
  sysopt connection permit-vpn
  group-policy dwdvpn internal
  group-policy dwdvpn attributes
  vpn-tunnel-protocol IPSec
  default-domain value DWD
  tunnel-group dwdvpn type ipsec-ra
  tunnel-group dwdvpn ipsec-attributes
  pre-shared-key ****
  tunnel-group dwdvpn general-attributes
  authentication-server-group LOCAL
  default-group-policy dwdvpn
  Unfortunately I'm getting the same "AddRoute failed to add a route with metric of 0: code 160" error message.
  I'm very confused as this should be a pretty standard setup. I tried to follow the instructions on the Cisco site to the letter...
  The only "differences" in my setup are an internal network of 192.168.2.0 (with ASA IP address 192.168.2.254) and PPPoE with DHCP instead of no PPPoE at all.
  Does anyone know what's going on?

  Yes, I have tried from a different laptop - same results. Using that laptop I can connect to a different IPSec site without issues.
  Please find my renewed config below:
  DWD-ASA(config)# sh run: Saved:ASA Version 8.2(5) !hostname DWD-ASAenable password ******* encryptedpasswd ****** encryptednames!interface Ethernet0/0 switchport access vlan 2!interface Ethernet0/1!interface Ethernet0/2!interface Ethernet0/3!interface Ethernet0/4!interface Ethernet0/5!interface Ethernet0/6!interface Ethernet0/7!interface Vlan1 nameif inside security-level 100 ip address 192.168.2.254 255.255.255.0 !interface Vlan2 nameif outside security-level 0 pppoe client vpdn group DWD ip address pppoe setroute !ftp mode passiveaccess-list inside_nat0_outbound extended permit ip any 192.168.50.0 255.255.255.224 pager lines 24logging asdm informationalmtu inside 1500mtu outside 1500ip local pool vpnpool 192.168.50.10-192.168.50.20 mask 255.255.255.0icmp unreachable rate-limit 1 burst-size 1no asdm history enablearp timeout 14400global (outside) 1 interfacenat (inside) 0 access-list inside_nat0_outboundnat (inside) 1 0.0.0.0 0.0.0.0timeout xlate 3:00:00timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolutetimeout tcp-proxy-reassembly 0:01:00timeout floating-conn 0:00:00dynamic-access-policy-record DfltAccessPolicyhttp server enablehttp 192.168.2.0 255.255.255.0 insidehttp 0.0.0.0 0.0.0.0 outsideno snmp-server locationno snmp-server contactsnmp-server enable traps snmp authentication linkup linkdown coldstartcrypto ipsec transform-set ESP-3DES-SHA esp-3des esp-sha-hmac crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac crypto ipsec transform-set ESP-DES-SHA esp-des esp-sha-hmac crypto ipsec transform-set ESP-DES-MD5 esp-des esp-md5-hmac crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac crypto ipsec transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac crypto ipsec transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac crypto ipsec transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac crypto ipsec transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac crypto ipsec security-association lifetime seconds 28800crypto ipsec security-association lifetime kilobytes 4608000crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set pfs group1crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAPcrypto map outside_map interface outsidecrypto isakmp enable outsidecrypto isakmp policy 10 authentication pre-share encryption 3des hash sha group 2 lifetime 86400telnet timeout 5ssh 0.0.0.0 0.0.0.0 outsidessh timeout 5console timeout 0vpdn group DWD request dialout pppoevpdn group DWD localname *****@SKYNETvpdn group DWD ppp authentication papvpdn username *****@SKYNET password ***** dhcpd auto_config outside!dhcpd address 192.168.2.10-192.168.2.40 insidedhcpd enable inside!threat-detection basic-threatthreat-detection statistics access-listno threat-detection statistics tcp-interceptwebvpn enable outside svc enablegroup-policy DfltGrpPolicy attributes vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpngroup-policy dwdipsec internalgroup-policy dwdipsec attributes vpn-tunnel-protocol IPSec default-domain value DWDDOMusername user1 password ***** encrypted privilege 0username user1 attributes vpn-group-policy dwdipsectunnel-group dwdipsec type remote-accesstunnel-group dwdipsec general-attributes address-pool vpnpool default-group-policy dwdipsectunnel-group dwdipsec ipsec-attributes pre-shared-key *****tunnel-group dwdssl type remote-accesstunnel-group dwdssl general-attributes address-pool vpnpool!class-map inspection_default match default-inspection-traffic!!policy-map type inspect dns preset_dns_map parameters  message-length maximum client auto  message-length maximum 512policy-map global_policy class inspection_default  inspect dns preset_dns_map   inspect ftp   inspect h323 h225   inspect h323 ras   inspect rsh   inspect rtsp   inspect esmtp   inspect sqlnet   inspect skinny    inspect sunrpc   inspect xdmcp   inspect sip    inspect netbios   inspect tftp   inspect ip-options !service-policy global_policy globalprompt hostname context no call-home reporting anonymousCryptochecksum:f5c8dd644aa2a27374a923671da1c834: endDWD-ASA(config)#