1. Home
  2. Cisco Systems
  3. Cisco VPN Client Issues

Cisco VPN Client Issues

I get the following error message when trying to connect to a remote site:

"The client did not match the firewall policy configured on the central site VPN device. Cisco Systems Integrated Client should be enabled or installed on your computer."

When I check Stateful Firewall (Always On), it does the same thing and the log file fills up with:

Sev=Warning/2 IKE/0xE300008A Stateful Firewall (Always On) failed to start.

In addition, I have the following error in my Event Log:

Event Type: Error Event Source: TrueVector Service Event Category: None Event ID: 5003 Date: 11/28/2005 Time: 1:16:49 PM User: N/A Computer: DAVESLAPTOP Description: TrueVector driver: Driver install or load failure: LoadNTDeviceDriver. Win32 error: The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.

Now, I've done a lot of searching around on the Internet and the Cisco site, but can't seem to find any solutions. I've tried the newest version of the Cisco VPN Client and gone back to the older version we still use at the office, same thing.

This is a clean install of Windows XP Home on my laptop so there has never been any instance of ZoneAlarm installed on it. I have done several uninstall/reinstalls of the VPN Client, tried with the Windows Firewall turned on, tried with it turned off, tried with the Sygate Personal Firewall I use normally turned on, turned off, etc.

Anyone have any ideas?

Dave

Reply to
sgtcasey
Loading thread data ...

Anyone at all? I even have a post on the Cisco forums and no replies. I can't be the first to have had this problem! :-)

Dave

Reply to
sgtcasey

You only allowed 19-ish hours for a reply.

Reply to
Walter Roberson

True, true. Just growing weary of the endless searching of the 'net trying to find a solution to the problem. I tinker with things sometimes to try and make stuff work, and for once I've tinkered with all I can think of trying to get this to work. I've uninstalled/installed from 4.7 down to 3.6 (the oldest version I found on the Cisco site) and same thing. I'm wondering if I shouldn't install/uninstall ZoneAlarm just to see if it works, but that's where the problem began in the first place. *sigh*

Dave

Reply to
sgtcasey

Dave,

Hi.

What is the remote site VPN device your trying to connect to. Does this happen when you VPN to other locations assuming there are any ?

I am sure that I have heard somewhere that the Cisco VPN client was based on Zone Alarm technology (could be wildly out here).

Doe the Central site use a Push Policy (CPP) to determine what Firewall you should have. Do they poll using AYT the (Are You There) feature. Just a stab in the dark really to see if your settings differ from what may be centrally defined.

Other than that haven't a clue.

Reply to
Darren Green

It's a customer site where we have a monitoring probe. To connect to that probe we VPN to their network and then ssh to the probe. It works fine for everyone else, just not on my laptop. It worked fine until I messed around with ZoneAlarm, but the interesting thing is after the Windows XP reinstall, I can VPN to other remote sites, just not this one and I'm getting the same error as before the clean install of XP.

Dave

Reply to
sgtcasey

The new built-in-firewall part of it... That's in the 4.something client but not in 3.6.

If I recall correctly, if you have ZoneAlarm and you install the new client, you can run into problems unless you take some special precautions or other. The problems can persist after downgrading the client version because the zone alarm files have already been overwritten.

Reply to
Walter Roberson

It's working. Here is how I got it to work:

  1. Uninstalled the VPN Client.
  2. Installed the latest version of ZoneAlarm.
  3. Installed the latest version of the Cisco VPN Client.

Strange, very strange. I must have missed the section on the Cisco website that said you needed to install ZA to get the 4.7 version of the VPN client to work. :)

Dave

Reply to
sgtcasey

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.