• IT Services
• Virtual Private Networking (VPN)
• Installing the VPN software
• VPN software for Windows Vista and Windows 7
  • Troubleshooting Vista/Windows 7 VPN problems

• Related links
  • A-Z index
  • Help and support
  • Key services

Troubleshooting Vista/Windows 7 VPN problems

If yes - Do a clean install of Vista RTM before installing the client.

Are you installing this on an upgraded installation of Vista?

If yes - Do a clean install of Vista RTM before installing the client.

Did you run the vpnclient_setup.msi file to install the client?

If yes - Rerun the installer using the downloaded vpnclient-win-msi-<version>-k9-x86.exe or vpnclient_setup.exe. Currently the .MSI file isn't Vista compatible.

When installing the client you are getting a DNE error message?

• Verify the following regkey:
  HKLM\Software\Microsoft\Windows\CurrentVersion\DevicePath = %SystemRoot%\inf
• And the type is set to type REG_EXPAND_SZ
• Either add it to the list already there or replace the entire entry with just that one.
• More info regarding this registry key: http://support.microsoft.com/kb/279112

Received error: Reason 402 The Connection Manager was unable to read the connection entry or the connection entry has missing or incorrect information.

• Manually copy the files that where imported or created via the GUI from C:\users\&lt;username&gt;\appdata\local\virtualstore\program files\cisco systems\vpnclient\profiles to c:\program files\cisco systems\vpn client\profiles\

This currently is only affecting foreign versions of Vista. However please let us know if you have this happening on English edition as well.

Is the client hanging at "securing network connection"?

• Ensure that your Virtual Adapter is categorized as a "Public" network rather than "Private". This can be changed in the "Network and Share Center".
• If you are getting an error message saying that the client is unable to enable the virtual adapter do the following:
  1. Check to see if the Virtual Adapter is installed. Open Device Manager and look under Networking to verify if the Virtual Adapter is installed.
  2. If not run the following command in the VPN Client directory: vainstaller.exe i "C:\Program Files\Cisco Systems\VPN Client\setup\netcvirta.inf" CS_VirtA
  3. If this doesn't show the Virtual Adapter, uninstall the client and reinstall the client with MSI logging enabled. See below for info. Then email the MSI log and the DNE log to vista-vpn@cisco.com.
• Manually enable the Virtual Adapter and attempt to connect. If the adapter will not enable do the following:
  1. If this doesn't show the Virtual Adapter, uninstall the client and reinstall the client with MSI logging enabled. See below for info. Then email the MSI log and the DNE log to vista-vpn@cisco.com.
  2. Vista will attempt to a categorize the Virtual Adapter when it is enabled. We have found that if you set the physical adapter location to "Public" it minimizes the issue. This has been resolved but not yet made available.

Are you getting a firewall error message and being disconnected?

Vista client currently doesn't install the integrated firewall, disable or create a new group that does not check for the firewall on your headend.

Error 412

In some cases, you may encounter the following: 'Error 412: The remote peer is no longer responding'. This generally means a firewall is blocking the required connection. Under Vista, there is also a known issue which the following may resolve:

a) if appropriate, upgrade the firmware on your home ADSL router or equivalent

b) change the vpn profile to use TCP, as detailed below:

1. Open the VPN client
2. Select the 'VistaUsers' profile listed under the 'connection entries' tab
3. Click on the 'Modify' button
4. Select the 'Transport' tab and click the radio button next to 'IPSec over TCP'. Leave the TCP Port at 10000
5. Click 'save'

Connect as normal.

Additional things to keep in mind:

Client currently does not support certificate authentication, Start Before Login, integrated firewall, 64bit, .MSI and logging is limited to file only and will not show up in the display window.

To enable MSI logging please see: http://support.microsoft.com/kb/223300

The DNEinst.log is located in: c:\windows\temp\dneinst.log

To enable Verbose logging of the client for troubleshooting connection related issues do the following:

1. Open the GUI and enable logging. Then close the GUI.
2. Open the vpnclient.ini file located in c:\program files\cisco systems\vpn client\vpnclient.ini and change the following loglevels to 15, IPSec, CVPND and IKE. Save and close the file.
3. Open the GUI and attempt to connect. Once you have run into the issue close the GUI and send the logs in c:\program files\cisco systems\vpn client\logs\* to vista-vpn@cisco.com.

At minimum try the following before contacting vista-vpn@cisco.com:

Reinstall the client, if the problem persists reinstall Vista RTM cleanly then the client and see if the problem still persists.

After reinstalling the client go ahead and email vista-vpn@cisco.com with the information regarding the issue. We do require the problems to be reproducable which means reinstalling Vista cleanly and then the client and seeing if the problem still persists.

Please include in your email to vista-vpn@cisco.com the following:

• State the problem, and the steps you took to run into the problem.
• What version of Vista and the client you have installed. ie Vista Business 32bit.
• Steps you have taken to troubleshoot.
• Install log and DNE log.