1. Home
  2. Virtual Private Networks
  3. Zonealarm free client and cisco vpn 4.6

Zonealarm free client and cisco vpn 4.6

I can't get my cisco vpn client to work when zonealarm is active. It comes up, identifies the vpn server, logs in, but when it comes to the "securing communications channel" message it just keeps trying, but to no avail. I can't cancel the connect, but rather need to use c-a-d to kill the process (even though it's still 'responding') according to the screen. What settings do I need to change in zonealarm to allow vpn to work? when I shut down zonealarm before starting the vpn client, the client connects normally.

Reply to
maxikins
Loading thread data ...

Have you added the VPN server and the remote subnet to trusted zones in ZA ?

Reply to
Simon

I think so, but I'm not sure how to find the ip address of the vpn server?

Reply to
Mark Klebanoff

OK, here's what I did

1) under the Firewall / Zones tab of ZA, I had 'cisco systems vpn adaper-- deterministic network enhancer miniport', with the ip address of my default gateway and the subnet of 255.255.0.0 in my trusted zone 2) also on that tab I had 'vpn gateway zone' with the range of my office's vpn server abc.def.ghi.1-abc.def.ghi.255 in my trusted zone 3) cisco systems added a loopback adapter at 127.0.0.1, but there were 2 there already, all in the trusted zone. 4) under the firewall /main tab, advanced, I have only 'disable windoze firewall' checked.

I added another entry for the vpn adapter abc.def.ghi.jkl/255.255.0.0 I added another entry for what I found as the default gateway, allowing the whole range mno.pqr.stu.vwx/255.255.0.0

Still nothing. The vpn client finds the server but keeps trying with no succes to establish communications channel.

Reply to
Mark Klebanoff

I had EXACTLY the same problem: Zone Alarm 6.1.737.000, cisco VPN client 4.6.0049. I suggest you check-out the user-forums on the Zone-Alarm site; It seems that there is a known issue between these two bits of software ...so..... I upgraded the cisco VPN client to 4.8.00.0440 after this it worked first time, 100%, no problem !

Summary: Upgrade the Cisco client if you can...it's a lot easier than trying to fix the problem with Ver 4.6.xxxx

Reply to
gorchard

PS: Just to be fair to those whose IT department will not allow them to upgrade to a newer version of the Cisco VPN client, another option is to DOWNAGRADE the Zone-Alarm firewall software to a 5.XX version instead of 6.XX

See this post in the ZA User Forums.

formatting link
Hope all this helps someone.

Reply to
gorchard

Thanks. My employer's website now has 4.8.00.0440, but of course they never announced it-- that would make sense, and we could never let that happen! Anyway I installed it and the 2 programs now play nice together.

Reply to
Mark Klebanoff

Extra Info to help others who may follow this POST: As at Fri 24/03/2006 >>> You can sign-up to be a ZA 'Beta Tester' Apparently, the next version of ZA 6.1.XXXX (Newer than 6.1.737 )

*will* work with cisco VPN 4.6.xxxx

This MIGHT be preferable to downgrading to ZA 5.XXX if you must stick with cisco VPN 4.6.xxxxx

Reply to
Gorch

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.