Thanks Moderator, but that's not very helpful.
I could understand the need for tweaking if I wanted to run a tight firewall, but with ZA SHUTDOWN you can't tell me there's a configuration issue. It must be some fundamental conflict which hasn't been seen before and which isn't addressed in your QA cycle.
I'm sure you can imagine what would happen if I brought my personal laptop to our IT department and told them Cisco VPN only runs when ZA is uninstalled. They'll say: "well, uninstall it."
You have to understand it will be nigh on impossible to convince them ZA is not at fault when it is the only variable keeping me from using the VPN.
PS, I'd be happy to send you my PCF file to see if there are known issues with it's configuration.
The client log file just isn't throwing anything useful up, and watching the firewall shows the packets are not hitting the firewall but getting discarded at the client end by the VPN client.
I'm putting in a change request at work to get a secondary route on the VPN (via another site) to use IPSEC over TCP in place of the existing UDP connection. Once up, this may shine some more light on the issue...
Last edited by fax; June 2nd, 2010 at 12:29 AM. Reason: offtopic - please stick to the issue. Thanks.
Here's a me too, but with some detailed info.
System Dell Optiplex GX780
Intel Core2 Duo CPU 2.93 GHZ
Vista Home Premium 64 bit
Cisco VPN Client 5.0.07.0290
Zone Alarm Free 9.2.044.000
Without Zone Alarm installed and windows firewall on.
The VPN client connects and is able to access workplace resources, via UDP or TCP connection.
With Zone Alarm installed -
Allow uncommon protocols at high security - checked
Program Control set to full allow for both Trusted and Internet Access, and Trusted and Internet Server.
Trusted Zone entries for the IP address of the VPN device, and two of the internal subnets.
VPN connection over TCP - will not connect, Cisco reason 414
VPN connection over UDP - connects, but unable to reach workplace resources, all packets either bypass the client, or are discarded.
I am the VPN unit administrator, I have set up several of these connections with Zone Alarm Free in the past. I have never run into a situation where even establishing the trusts in ZA prevents the VPN client from encapsulating the traffic.
Suggestions, tips, pointers appreciated
I'm also having the same problems with Cisco VPN and ZoneAlarm.
I can log into VPN, but any of the IPs that should be available to me once logged on are not accessible. I also can't ping them.
Cisco VPN Client 5.0.03.0560
ZoneAlarm free edition (latest version as of today)
I also can't access anything via the VPN unless I completely uninstall ZoneAlarm. I've tried toying with the settings (allowing certain IPs and ranges, etc) but no luck.
If your using the Cisco VPN perform the following to capture complete logs
For Free ZA 9.2.044.000 and paid products running version 9.1.507.000
DO NOT SUBMIT LOGS FOR VERSIONS LOWER THAN THOSE. THEY WILL NOT BE USED IF YOU DO.
Enable full logging.
Start > All Programs > ZoneAlarm
Select the ZoneAlarm Diagnostics Tool program.
Once tool is running check ALL the boxes in the LOGGING section only
DO NOT make any other changes.
Now click OK
You will be told you need to restart your PC.
Shut down and reboot your PC
After you PC is rebooted then go ahead and attempt to make a VPN connection and try to access what doe snot work for you.
Once it has failed, open the Diagnostics Tool again.
Now click the Upload Data button
Enter your email address in the email field.
Enter the following text in the Case Number field: CISCOVPN
Click the OK button.
Now depending how large the logs are and the speed of your system and internet connection it will now compress all your logs into a CAB file and upload them to our server. Once you get a successful message after the upload reply back here to let me know.
Click here for ZA Support
Closed Sundays and Holidays PST
Done and uploaded. Thank you!
Done and Uploaded
There are currently 1 users browsing this thread. (0 members and 1 guests)