Kurt,

You're 100% right, the problem is Cisco has ignored complaints so numerous it'd be impossible to count for so many years.  There's just no excuse for it, IMHO.  You might have alienated some of the heavy iron folks at Cisco, but now I'm in good company that you've joined me ;-)

BSB

Replacing QVPN is *somewhat* beyond of my control . Your comments are heard loud and clear (and monitored) by everyone here from Cisco, including management. We thrive to make thing easy and simple, but sometime it might not according to the plan. We tried QVPN and it seemed to work consistently here.

Brian, for further investigation, can you tell us:

1. What OS is your client machine (Vista, XP, etc.) ?

2. Does it also happen on different pc?

3. Can you connect w/o certificate installed?

I'm working to find out how to collect more information for debugging purpose (e.g. wireshark, log, etc).

Don,

I appreciate your comments; however, unfortunately they're the same ones we've been hearing for years right along with zero movement on a real solution. Given the huge numbers of QVPN complaints both in Cisco’s own forums and in 3^rd party forums, it’s of little consolation that Cisco can get it to work internally.

We’ve had QVPN fail to work on various flavours of Windows from Win XP Home all the way to Win 7 Ultimate, so it’s hard to tell you which ones don’t work, but I can tell you that it’s very close to if not over 50% failure rate.  Of course, when you do have problems with QVPN, if the customer’s router is out of warranty then you, even as a Cisco Partner, get zero help from support.  The high failure rates even showed through on virgin virtual machines.  At one point I offered to send an XP VM to Cisco so you could test it yourself but no one ever seemed interested.  I am happy to go back and see if I still have that VM if anyone is interested.

In the end, the other major problem that’s totally ignored is the security issues QVPN creates.  It’s supposed to keep things safe but in fact it opens the parent LAN to all the junk the user has locally because you’ve forced them to run as an administrator.  That Cisco is seeming unable to grasp this risk is unacceptable.  What’d I’d like to see is a statement by Cisco’s Chief General Council stating that QVPN is safe to use in a medical practice and that it in no way creates a HIPPA violation and that Cisco will fully back any customer found to have had a HIPPA breach due to the requirements of QVPN.  I’m betting that statement will never happen.  If Cisco isn’t willing to stand behind QVPN like that why should anyone trust it?

As for debugging, it’s moot.  I don’t care to debug it.  Cisco is saying to its SMB customers that it doesn’t understand or respect their need for true safety by not fixing the admin requirements of QVPN.  The point of my post was to find out what Cisco’s road map is and if it’s not one of replacing QVPN then we have several customers who won’t be buying Cisco small biz equipment next time around.  It’s that simple.

BSB

Brian,

We hear you loud and clear.

The RV0xxV3 only introduces few changes from its previous version such as hardware design (cpu, mem) and discovery feature (bonjour). It reused a lot of previous software and QVPN didnot get any new facelift. Having say that, we value your input and many issues that you raised are important and hitting right on the money. We will incorporate in RV0xxV3 the enhancements that you and others has recommended. For some enhancements, we might not be able to do it due to complexity of software change for the time being. However many feedbacks/recommendations were generic (log details, login input focus, gui arrangement, status display, etc) and if we're not able to do it w/ RV0xx, we definitely will incorporate in other (future) router model.

As far as QVPN concern, we are moving away from it and will use CiscoVPN as new alternative. I do not know the timeline or which specific (future) router will have it but that's future plan.

Once again, thank you for your input and tremendous EFT effort.

Best regards,

Don