WRT54g ver 2.2+ Cisco VPN Client 4.8.x

Hi all, I'm currently having a problem with a Cisco VPN Client and the WRT54G ver 2.2. I am able to use the Cisco VPN when I'm hardwired into the WRT54G. The VPN client works flawlessly and I am able to access my company resources. When I connect up via wifi I am able to surf the internet with no problems. When I connect using Cisco VPN Client with wifi I am able to establish a VPN tunnel, but I can not reach any resources on my company network nor am I able to reach the internet. If I try a wifi access point outside my home I'm working fine as well. The folks at work can't ping my machine either. There are no firewalls enabled on the client PC and the WRT54g is enabled to pass IPSec traffic. I have read some other forums posted here and haven't really found a straight answer and tried what they suggested(Changing MTUs, setting router to different subnet outside of 192.168.1.x). Didn't know if anyone could shed some light. I have also updated the firmware up to the latest version dated around 1-7-07. Thanks

Dell has a fix for this problem (or at least one that looks like this problem) on their troubleshooting web site. It was the cure for the problem on my wife's laptop, and she had the same symptoms as you mentioned. I'm not sure if this forum will let me paste a link in this response but, here is the link to the VPN problem on Dell laptops (this applies to certain HP, Cisco, and Broadcom laptops as well): http://support.dell.com/support/topics/global.aspx/support/dsn/en/document?c=us&cs=RC956904&docid=15...
Let us know if this fix worked for you.

Similar Messages

Problem with Cisco VPN client and HP elitebook 2530p windows 7 64-bit

Hi there
I have a HP Elitebook 2530p which i upgraded to windows 7 64-bit. I installed the Cisco VPN client application (ver. 5.0.07.0290 and also 64-bit) and the HP connection manager to connect to the internet through a modem Qualcomm gobi 1000 (that is inside the laptop). When I connect to the VPN, it connects (I write the username and password) but there is no traffic inside de virtual adapter for my servers. When I connect to the internet through wire or wireless internet, I connect de VPN client and there is no problem to establish communication to my servers.
I tried everything, also change the driver and an earlier version of the HP connection manager application. I also talked to HP and they told me that there was a report with this kind of problem and it was delivered to Cisco. I don’t know where is the problem.
Could anyone help me?
Thanks to all.

You can try to update Deterministic Network Enhancer to the below listed release which supports
WWAN Drivers.
http://www.citrix.com/lang/English/lp/lp_1680845.asp.
DNE now supports WWAN devices in Win7. Before downloading the latest version of DNEUpdate from the links below, be sure you have the latest
drivers for your network adapters by downloading them from the vendors websites.
For 64-bit: ftp://files.citrix.com/dneupdate64.msi
Hope that helps.

Cisco VPN Client and Border Manager

Don't know if this is the correct spot, but here goes. We are using BM 3.8sp4 using proxy, and NAT. We have a contractor that needs to access his company network using a Cisco VPN Client Ver 5. They have Enable Transparent Tunneling checked in the client and IPSec over TCP port 1000.
Is this a filter exception to let it out or something else I need to set up?

Port 1000, or 10000? (10,000 is something I've seen in the past, and
is what I used for the example in my BMgr filtering book. See URL
below).
You would probably need to open two ports up, in FILTCFG, from private
to public interfaces. First, IKE-st (UDP 500). Next, make a custom
stateful one for port 1000 (or whatever), probably UDP.
The last Cisco IPSec VPN client I used through BMgr needed UDP 500 and
UDP 4500 opened, just like the Novell IPSec VPN client. So I was able
to use the definitions supplied by Novell in FILTCFG. In your case,
you will probably have to add at least one custom exception.
Filter debug will tell you what is being filtered, if you know how to
use it. Or get PKTSCAN.NLM from download.novell.com, load it on the
server, and capture packets. Look at them on the server, or use
Wireshark, and you will see what protocol/ports are being sent from the
client IP address.
Craig Johnson
Novell Support Connection SysOp
*** For a current patch list, tips, handy files and books on
BorderManager, go to http://www.craigjconsulting.com ***

Cisco VPN client and License

Hello,
We have a Cisco ASA 5520 with the VPN PLus License and 8.04 IOS installed, we want to set up vpn access to our users. We can use the cisco VPN client which works on WIndows Platform, but we also have MAC OS 10.7 which works only with Cisco Anyconnect.
I am a little bit lost with all the client and the license, actually we can't setup more than 2 vpn session with an Anyconnect client installed on MAC or Windows. The authentication is by Certificate, the first two connect fine, but the third one don't connect and prompt for a username / password.
I joined a SH VER of my ASA, if anyome can tell me what is wrong on the license or perhaps it's a configuration problem?
Thanks a lot for the answer.
Mathieu.
fw-eps-02# sh ver
Cisco Adaptive Security Appliance Software Version 8.0(4)
Device Manager Version 6.4(1)
Compiled on Thu 07-Aug-08 20:53 by builders
System image file is "disk0:/asa804-k8.bin"
Config file at boot was "startup-config"
fw-eps-02 up 1 hour 36 mins
Hardware:   ASA5520, 2048 MB RAM, CPU Pentium 4 Celeron 2000 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash Firmware Hub @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
                             Boot microcode   : CN1000-MC-BOOT-2.00
                             SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.03
                             IPSec microcode : CNlite-MC-IPSECm-MAIN-2.05
0: Ext: GigabitEthernet0/0 : address is c84c.75da.9a58, irq 9
1: Ext: GigabitEthernet0/1 : address is c84c.75da.9a59, irq 9
2: Ext: GigabitEthernet0/2 : address is c84c.75da.9a5a, irq 9
3: Ext: GigabitEthernet0/3 : address is c84c.75da.9a5b, irq 9
4: Ext: Management0/0       : address is c84c.75da.9a5c, irq 11
5: Int: Not used            : irq 11
6: Int: Not used            : irq 5
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs                : 150
Inside Hosts                 : Unlimited
Failover                     : Active/Active
VPN-DES                      : Enabled
VPN-3DES-AES                 : Enabled
Security Contexts            : 2
GTP/GPRS                     : Disabled
VPN Peers                    : 750
WebVPN Peers                 : 2
AnyConnect for Mobile        : Disabled
AnyConnect for Linksys phone : Disabled
Advanced Endpoint Assessment : Disabled
UC Proxy Sessions            : 2
This platform has an ASA 5520 VPN Plus license.
Serial Number: JMX1433L0Y3
Running Activation Key: 0x3a17c153 0x8c141630 0xe0f3b5d4 0x86044ccc 0x47193392
Configuration register is 0x40 (will be 0x1 at next reload)
Configuration last modified by mgeffroy at 15:33:11.409 CEST Mon Jan 23 2012
fw-eps-02#

why don't you use built-in client in mac osx? it supports certificate authentication also.
another solution would be to buy additional ssl vpn licences: there is a limit of two ssl vpn sessions by default.
Sent from Cisco Technical Support iPad App

IP Communicator doesn't work with Cisco VPN Client

Hi,
Im having problem to connect IP Communicator (either ver 2 or 7 )whenever using Cisco VPN Client 5.0.06.0160 for windows
the IPC didn't register to the CUCM
There's nothing showing on the screen
but whenever im using Anyconnect VPN Client, it works perfectly
The remote side is using ASA5505
Anyone can help ??
Thanks

It's probably an issue with the ASA configuration in your "group-policy attributes". The "split-tunnel-network-list value" is pointing to an access list without the subnet for the call manager. While your ssl group-policy for webvpn has a "split-tunnel network-list value" access-list which does contain the subnet for the call manager.
The other issue could be that your using different ip pools for ipsec and ssl vpn. The ip pool subnet that you might be giving out for ipsec might not be in your "no nat" acl.
Jason

Cisco VPN Client wont install Error 1406

Hello
I am installing Cisco VPN Client on my Windows 7 32-bit laptop but it doesn't work.
I have downloaded VPN Client ver "vpnclient-win-msi-5.0.07.0410-k9" which is supposed to be assigned for Win 32 bit but i get a lot of error like his:
"Error 1406. Could not write value Maximum Plugins to key \System\Current\Controlset\Services\DNE\Parameters
Verify that you have sufficient access to that key or contact your support personnel.
I have tried a lot of suggestions from the internet but it doesn't seem to work. Please help!

Thank you so much for your response, John.
Yes, i have clicked on "Ignore", however, i receve the same error message for a different address (\System\Current\Controlset\Services\DNE\Parameters) and the Error nuimber changes. It goes from 1401 to 1406.
I Keep Ignoring those error messages but i do get more than 50 of them. And after ignoring a bit more, it gives me some messag stating that "The installation could not be performed" So my only option at that time is "Abort"
:S

CISCO VPN Client v 4.8 Speed is 15% nonVPN speed with WRVS4000N Router

My firm runs CISCO VPN client v.4.8.01.0300 andI've always had issues with VPN speeds with my ISP (Hughes.net - satellite). I had a WRT54GS router and upgraded to the 4000N VPN router per my ISP's & Linksys's recommendation to resolve my VPN connectivity speed, but my speed is the same with the 4000N as it was with the 54GS - about 150kbps. Are there specific settings I need to make to the router or am I never going to resolve this so long as I have a satellite-based ISP which is my only option.
Any help would be appreciated so I will hopefully not have wasted $250 on the 4000N.
Thanks,
Craig
Message Edited by CPeay on 12-23-2008 09:20 AM

The wrvs4000n has a quick vpn software that you can use instead of your cisco vpn client. If you want to use the cisco vpn client, the wrvs4000n act as a pass through only. Try to connect the computer directly to the modem and check if the cisco vpn client is faster. If still same result, then problem is on the internet connection.

Cisco VPN Client is not opening on windows 7 64bits

Hello,
My problem : i instaled Cisco VPN client 5.0.07.0440-k9 on Windows 7 64 bits, the installation ends successfully. But when i restard the computer, when i click it doesnt open.
Notice : when i restard the computer, it takes an infinite time the first rebooting , in the final stage of boot ( The black window with the Microsoft logo and message Windows Is Starting ...) '' it takes an infinite time so i force the reboot.
started the same thread here but no answer yet.
Thank you

check your event viewer/System log. You may see some entries stating that
"The Cisco Systems Inc. IPSec Driver failed to start due to the following error: Windows cannot verify the digital signature for this file."
disable digital signatures (NOT recommended) and cisco works fine
I guess Cisco has already killed this program if they aren't even getting it certified.

Need HELPS! ASA 5505 8.4 Cisco VPN Client cannot ping any internal host

Hi:
Need your great help for my new ASA 5505 (8.4)
I just set a new ASA 5505 with 8.4. However, I cannot ping any host after VPN in with Cisco VPN client. Please see below posted configuration file, thanks for any suggestion.
ASA Version 8.4(3)
names
interface Ethernet0/0
switchport access vlan 2
interface Ethernet0/1
switchport access vlan 2
interface Ethernet0/2
interface Ethernet0/3
interface Ethernet0/4
interface Ethernet0/5
interface Ethernet0/6
interface Ethernet0/7
interface Vlan1
nameif inside
security-level 100
ip address 172.29.8.254 255.255.255.0
interface Vlan2
nameif outside
security-level 0
ip address 177.164.222.140 255.255.255.248
ftp mode passive
clock timezone GMT 0
dns server-group DefaultDNS
domain-name ABCtech.com
same-security-traffic permit inter-interface
object network obj_any
subnet 172.29.8.0 255.255.255.0
object service RDP
service tcp source eq 3389
object network orange
host 172.29.8.151
object network WAN_173_164_222_138
host 177.164.222.138
object service SMTP
service tcp source eq smtp
object service PPTP
service tcp source eq pptp
object service JT_WWW
service tcp source eq www
object service JT_HTTPS
service tcp source eq https
object network obj_lex
subnet 172.29.88.0 255.255.255.0
description Lexington office network
object network obj_HQ
subnet 172.29.8.0 255.255.255.0
object network guava
host 172.29.8.3
object service L2TP
service udp source eq 1701
access-list VPN_Tunnel_User standard permit 172.29.8.0 255.255.255.0
access-list VPN_Tunnel_User standard permit 172.29.88.0 255.255.255.0
access-list inside_access_in extended permit icmp any any
access-list inside_access_in extended deny tcp any any eq 135
access-list inside_access_in extended deny tcp any eq 135 any
access-list inside_access_in extended deny udp any eq 135 any
access-list inside_access_in extended deny udp any any eq 135
access-list inside_access_in extended deny tcp any any eq 1591
access-list inside_access_in extended deny tcp any eq 1591 any
access-list inside_access_in extended deny udp any eq 1591 any
access-list inside_access_in extended deny udp any any eq 1591
access-list inside_access_in extended deny tcp any any eq 1214
access-list inside_access_in extended deny tcp any eq 1214 any
access-list inside_access_in extended deny udp any any eq 1214
access-list inside_access_in extended deny udp any eq 1214 any
access-list inside_access_in extended permit ip any any
access-list inside_access_in extended permit tcp any any eq www
access-list inside_access_in extended permit tcp any eq www any
access-list outside_access_in extended permit icmp any any
access-list outside_access_in extended permit tcp any host 177.164.222.138 eq 33
89
access-list outside_access_in extended permit tcp any host 177.164.222.138 eq sm
tp
access-list outside_access_in extended permit tcp any host 177.164.222.138 eq pp
tp
access-list outside_access_in extended permit tcp any host 177.164.222.138 eq ww
w
access-list outside_access_in extended permit tcp any host 177.164.222.138 eq ht
tps
access-list outside_access_in extended permit gre any host 177.164.222.138
access-list outside_access_in extended permit udp any host 177.164.222.138 eq 17
01
access-list outside_access_in extended permit ip any any
access-list inside_access_out extended permit icmp any any
access-list inside_access_out extended permit ip any any
access-list outside_cryptomap extended permit ip 172.29.8.0 255.255.255.0 172.29
.88.0 255.255.255.0
access-list inside_in extended permit icmp any any
access-list inside_in extended permit ip any any
access-list inside_in extended permit udp any any eq isakmp
access-list inside_in extended permit udp any eq isakmp any
access-list inside_in extended permit udp any any
access-list inside_in extended permit tcp any any
pager lines 24
logging enable
logging asdm informational
mtu inside 1500
mtu outside 1500
ip local pool ABC_HQVPN_DHCP 172.29.8.210-172.29.8.230 mask 255.255.255.0
icmp unreachable rate-limit 1 burst-size 1
asdm history enable
arp timeout 14400
nat (inside,outside) source static orange interface service RDP RDP
nat (inside,outside) source static obj_HQ obj_HQ destination static obj_lex obj_
lex route-lookup
nat (inside,outside) source static guava WAN_173_164_222_138 service JT_WWW JT_W
WW
nat (inside,outside) source static guava WAN_173_164_222_138 service JT_HTTPS JT
_HTTPS
nat (inside,outside) source static guava WAN_173_164_222_138 service RDP RDP
nat (inside,outside) source static guava WAN_173_164_222_138 service SMTP SMTP
nat (inside,outside) source static guava WAN_173_164_222_138 service PPTP PPTP
nat (inside,outside) source static guava WAN_173_164_222_138 service L2TP L2TP
object network obj_any
nat (inside,outside) dynamic interface
access-group inside_in in interface inside
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 177.164.222.142 1
route inside 172.29.168.0 255.255.255.0 172.29.8.253 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server Guava protocol nt
aaa-server Guava (inside) host 172.29.8.3
timeout 15
nt-auth-domain-controller guava
user-identity default-domain LOCAL
http server enable
http 172.29.8.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart warmstart
crypto ipsec ikev1 transform-set ESP-AES-128-SHA esp-aes esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-128-MD5 esp-aes esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-SHA esp-aes-256 esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-3DES-SHA esp-3des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-3DES-MD5 esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac
crypto ipsec ikev1 transform-set ESP-DES-MD5 esp-des esp-md5-hmac
crypto ipsec ikev1 transform-set Remote_VPN_Set esp-3des esp-md5-hmac
crypto ipsec ikev1 transform-set Remote_vpn_set esp-3des esp-md5-hmac
crypto ipsec ikev2 ipsec-proposal AES256
protocol esp encryption aes-256
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES192
protocol esp encryption aes-192
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
protocol esp encryption aes
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
protocol esp encryption 3des
protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal DES
protocol esp encryption des
protocol esp integrity sha-1 md5
crypto dynamic-map outside_dyn_map 20 set ikev1 transform-set Remote_VPN_Set
crypto dynamic-map outside_dyn_map 20 set reverse-route
crypto map outside_map 1 match address outside_cryptomap
crypto map outside_map 1 set peer 173.190.123.138
crypto map outside_map 1 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5
ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ES
P-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 1 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
crypto map outside_map 65535 ipsec-isakmp dynamic outside_dyn_map
crypto map outside_map interface outside
crypto ikev2 policy 1
encryption aes-256
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 10
encryption aes-192
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 20
encryption aes
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 30
encryption 3des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 policy 40
encryption des
integrity sha
group 5 2
prf sha
lifetime seconds 86400
crypto ikev2 enable outside
crypto ikev1 enable outside
crypto ikev1 policy 1
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 43200
crypto ikev1 policy 10
authentication crack
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 20
authentication rsa-sig
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 30
authentication pre-share
encryption aes-256
hash sha
group 2
lifetime 86400
crypto ikev1 policy 40
authentication crack
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 50
authentication rsa-sig
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 60
authentication pre-share
encryption aes-192
hash sha
group 2
lifetime 86400
crypto ikev1 policy 70
authentication crack
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 80
authentication rsa-sig
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 90
authentication pre-share
encryption aes
hash sha
group 2
lifetime 86400
crypto ikev1 policy 100
authentication crack
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 110
authentication rsa-sig
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 120
authentication pre-share
encryption 3des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 130
authentication crack
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 140
authentication rsa-sig
encryption des
hash sha
group 2
lifetime 86400
crypto ikev1 policy 150
authentication pre-share
encryption des
hash sha
group 2
lifetime 86400
telnet 192.168.1.0 255.255.255.0 inside
telnet 172.29.8.0 255.255.255.0 inside
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd auto_config outside vpnclient-wins-override
dhcprelay server 172.29.8.3 inside
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
webvpn
enable outside
group-policy ABCtech_VPN internal
group-policy ABCtech_VPN attributes
dns-server value 172.29.8.3
vpn-tunnel-protocol ikev1
split-tunnel-policy tunnelspecified
split-tunnel-network-list value VPN_Tunnel_User
default-domain value ABCtech.local
group-policy GroupPolicy_10.8.8.1 internal
group-policy GroupPolicy_10.8.8.1 attributes
vpn-tunnel-protocol ikev1 ikev2
username who password eicyrfJBrqOaxQvS encrypted
tunnel-group 10.8.8.1 type ipsec-l2l
tunnel-group 10.8.8.1 general-attributes
default-group-policy GroupPolicy_10.8.8.1
tunnel-group 10.8.8.1 ipsec-attributes
ikev1 pre-shared-key *****
ikev2 remote-authentication pre-shared-key *****
ikev2 remote-authentication certificate
ikev2 local-authentication pre-shared-key *****
tunnel-group ABCtech type remote-access
tunnel-group ABCtech general-attributes
address-pool ABC_HQVPN_DHCP
authentication-server-group Guava
default-group-policy ABCtech_VPN
tunnel-group ABCtech ipsec-attributes
ikev1 pre-shared-key *****
tunnel-group 173.190.123.138 type ipsec-l2l
tunnel-group 173.190.123.138 general-attributes
default-group-policy GroupPolicy_10.8.8.1
tunnel-group 173.190.123.138 ipsec-attributes
ikev1 pre-shared-key *****
ikev2 remote-authentication pre-shared-key *****
ikev2 remote-authentication certificate
ikev2 local-authentication pre-shared-key *****
class-map inspection_default
match default-inspection-traffic
policy-map global_policy
class inspection_default
inspect pptp
inspect ftp
inspect netbios
smtp-server 172.29.8.3
prompt hostname context
no call-home reporting anonymous
Cryptochecksum:6a26676668b742900360f924b4bc80de
: end

Hello Wayne,
Can you use a different subnet range than the internal interface, this could cause you a LOT of issues and hours on troubleshooting, so use a dedicated different Ip address range...
I can see that the local Pool range is included into the inside interface Ip address subnet range, change that and the related config ( NAT,etc, ) and let us know what happens,
Regards,
Julio
Security Trainer

ASA , Cisco VPN client with RADIUS authentication

Hi,
I have configured ASA for Cisco VPN client with RADIUS authentication using Windows 2003 IAS.
All seems to be working I get connected and authenticated. However even I use user name and password from Active Directory when connecting with Cisco VPN client I still have to provide these credentials once again when accessing domain resources.
Should it work like this? Would it be possible to configure ASA/IAS/VPN client in such a way so I enter user name/password just once when connecting and getting access to domain resources straight away?
Thank you.
Kind regards,
Alex

Hi Alex,
It is working as it should.
You can enable the vpn client to start vpn before logon. That way you login to vpn and then logon to the domain. However, you are still entering credentials twice ( vpn and domain) but you have access to domain resources and profiles.
thanks
John

Boot camp with Cisco VPN client and smart card

Looking at a Macbook or Macbook Air and the only reason I need to run windows is to be able to access my work network through the Cisco VPN client and my Smartcard then use remote desktop. From my understanding if I run Bootcamp it should work am I correct? Im going to an Apple store tomorrow hopefully they can help too.
Thanks

mrbacklash wrote:
Ok with that being said will the MBA 11.6 1.4ghz have the guts to make it run mostly internet based programs over the VPN connection?
I think if you are running apps over the Internet the bottleneck will be the Internet and your VPN bandwidth. Your computer can certainly execute faster than Internet communications.
Besides, Internet or remote applications run on the remote server. All your local computer does is local processing of the data if necessary.
Message was edited by: BobTheFisherman

Cisco VPN client and mac mail

Hi all,
I wonder if someone can be more helpful than my uni IT department who take a minimum of a week to get you an IP address...
My new uni uses Cisco VPN client for connection to the Wi-Fi network. It all works great apart from one (very annoying problem):-my e-mail accounts in mac mail don't seem to be able to connect via the VPN. I have had both an IMAP and a POP server e-mail account work automatically wherever I connect in the world for over a year now-so its not the way I've set up the accounts.
Is there any way to get mac mail to "see" the VPN connection. If I have to physically plug-in my mac this seems a tad ridiculous when it works in every coffee shop with free wi-fi.
My uni are not helpful as they want people to use either outlook or better still log-on to their e-mail using the web. I don't even want to use their e-mail-what is the point when I move jobs again in a year. What I do currently is use an IMAP account from my last job which I've set to forward to my "e-mail for life" from my undergrad uni. I basically only give out my life e-mail address and this also goes on all my papers.
If I can't access this easily and sort all my mail in all the folders I've created to filter out things like facebook etc. I'm wondering what the point of mac mail is.

Yeah, that stuff normally works for me. Unfortunately this is a situation where you have to use an external Cisco VPN client software, whether you like it or not. Its this horrible clunky thing (which at least half works I guess). So its only like normal wi-fi in terms of selecting the network, then you have to open up this application and put in your log-in etc. Most of the settings on this client seem locked, so there isn't much I can do to configure it.
I've just got to my (temporary) accommodation which doesn't have wi-fi or VPN (just ethernet) and my mail is working again-so it must be the VPN. Goodness knows how it works with an iPod touch (interested in getting one but kind of pointless if I spend most of my time at work and it doesn't work...)
Thanks for your suggestions though!

Cisco VPN client and SSH

Hi,
I am using Cisco VPN client 4.9.01.0180 to connect to remote server. From the Cisco client, I see that I am connecting to the remote server.
Using the terminal, with command:
ssh 192.168.1.2 or ssh [email protected] to connect to the remote server.
However, the output is:
ssh: connect to host 192.168.1.2 port 22: Operation timed out
I don't know what is going wrong. The Cisco client 's setting is simple, and no problem using Windows. Do I have to modify the Mac OS?
Regards,
Terence

hi,
sorry for asking stupid. how and what did you change your subnet to ?
i have almost the exact same problem (same client and on Windows it does work and I cannot ssh to a Mac in the work office) furthermore i am using a wireless connection (via Airport Express) ... not sure if that matters.
do i just go into the Network Prefs and select the tcp/ip tab, and manually change the ip-addresses ?
my settings (DHCP) currently are
ip 10.0.1.2
Subnet Mask 255.255.255.0
Router 10.0.1.1
The strange thing for me is that if I Remote Desktop to a PC (via VPN) on the same office net as the above Mac I cannot ssh (via Putty), but when i am physically at the PC i am able to ssh.
any help appreciated
./allan

Cisco VPN Client and Quick VPN interaction?

I have both a Cisco VPN client for connecting to my company LAN and a QuickVPN client for connecting to my home LAN installed on my W2K laptop. Both start and run correctly, and both connect just as they should. My home LAN uses a WRV54G router to provide VPN connection. I can alternate back and forth between the two clients and connect to each LAN with no obvious issues, but not at the same time, of course.
Here's the question. When I connect to the home LAN, I can log on with no problem and I can remotely administer the WRV54G with no problem. I can ping all of the wired and wireless W2K computers on my home LAN with no problem. However, I cannot "see", browse or map any of the shared resources on my home LAN. I have created user accounts on the home LAN computers for my laptop and router logins and I have given these accounts permissions to my shared resources, but I still cannot get to them. Linksys tech support has been absolutely no help whatsoever, even after repeated attempts.
While trying to troubleshoot this myself, I've noticed that when the Cisco VPN client is running and I'm connected to my company LAN, the IP address and subnet of my computer is changed to ones assigned by the DHCP server at my company. This seems to happen because the Cisco client activates the "Local Area Connection Number 2" on my laptop and assigns IP addresses using it. However, when I'm using the QuickVPN client to connect to my home, the IP address and subnet of my laptop continues to be those assigned by whatever local network I'm connected to (e.g. hotel, etc).
I'm wondering if the QuickVPN is supposed to be assigning an IP address and subnet to my laptop from the WRV54G's DHCP server when I connect to my home LAN. If so, could the Cisco VPN client installed on my laptop be preventing that from happening?
Sorry for the long post, but I'm at my wit's end on this one and Linksys is just no help at all.

1. The Cisco VPN client creates a virtual interface on your computer. This allows you to route traffic to the tunnel. The QuickVPN client is simpler. It only encrypts the traffic to the other end. It does not use a virtual interface. That's why you don't have another IP address when connected with QuickVPN. QuickVPN only encrypts IP packets with IPSec from your computer to 192.168.1.* (or whatever you may use on your WRV LAN) and sends them to the WRV's public IP address.
2. Microsoft Windows file sharing and LAN network browsing depends on network broadcasts. Those only work inside a LAN. If you connect from the outside to a LAN, broadcasts won't go through the VPN tunnel. This means you cannot use standard name windows workgroup name resolution to access shares. Those are propagated with broadcasts which will never go through the VPN tunnel. This means you are not able to use workgroup browsing. All you can to do access your shares is to use the IP address of the other computer.
In short:
\\mycomputer\share won't work
\\192.168.1.50\share works
(assuming the general sharing setup is O.K., i.e. you can use sharing correctly inside your LAN).
Of course, firewalls on the server end may cause problems. Access comes in from a public IP address. This may be blocked. Check the firewall logs on the server to find out if this is the case or not.
Moreover, establishing the VPN connection from a private LAN to a private LAN may not work. This is due to the double network address translation which breaks IPSec and thus the connection. If the hotel uses private IP addresses, this may be the case. But in that case you won't get ping responses from your WRV LAN.
What definitively won't work is in case when the hotel uses the same IP address subnet as you. If the hotel uses 192.168.1.* addresses and your WRV uses 192.168.1.* addresses you cannot connect. QuickVPN does only IPSec tunneling. There is no address translation in QuickVPN. Therefore connecting the identical private IP address subnet through QuickVPN will never work because all addresses exists twice, once on either side.

Cisco VPN Client and Windows XP Home

Hello,
I cannot find any information to tell me whether Windows XP Home (Not XP Professional) is supported under ant Cisco VPN client 4.xx or 5.xx.
We have several "home" users and when trying to install it just causes the pc to do a looping reboot.
Can anyone advise please ?
Scott

Scott,
Not sure if you read the release notes, but here they are are for V4.06 and V5.0:
http://www.cisco.com/en/US/docs/security/vpn_client/cisco_vpn_client/vpn_client46/release/notes/46clnt.html#wp1207576
http://www.cisco.com/en/US/products/sw/secursw/ps2308/prod_release_note09186a0080884df5.html#wp1207576
I'm not seeing anything that prohibits XP Home, but there are several caveats that may have direct bearing on why your user's can't get it installed (administrative access to internal firewalls).
HTH
Steve

WRT54g ver 2.2+ Cisco VPN Client 4.8.x

Similar Messages

Maybe you are looking for