Help: Cisco VPN Client & Split Tunnel but no Internet

sanguinarium
Level 1

Hi Forum.

We're stuck with this problem: After successfully opening a VPN-Connection with the Cisco VPN-Client to a Cisco-Router, the rest of the World cannot be properly accessed anymore.

This is what was checked / tried so far to pinpoint the problem on a Windows Vista Machine:

- Router: Split-Tunneling is allowed according to sysop

- On the VPN-Client: "Allow Local Lan-Access" is checked

- On the Client (Statistics): Only the configured VPN-Route is listed under 'Secure Routes'. 'Local Lan Routes' is empty.

- Calling 'http://www.google.com' in IE fails

- Calling '74.125.232.116' (its IP) in IE works / Pinging the IP works.

- nslookup correctly lists the current DNS-Server

- nslookup www.google.com correctly resolves the Name to the IP

It seems that it's not that the connection to the rest of the Internet is suppressed, but that the DNS-Resolution somehow fails, although all signs indicate that the correct DNS-Server is in effect and although the commandline can resolve the name.

Does anyone have a hint how to debug this properly?

1 Accepted Solution


No worries Pat...

Sent from Cisco Technical Support iPhone App

--please rate the solutions

11 Replies

lginod
Level 1

Hey Pat,

How about trying it with a different browser than IE?

Sent from Cisco Technical Support iPhone App

Hi Gino.

Sorry for having it put into so simple examples and let me correct this: ALL applications seem to have this kind of problem!

- Thunderbird (can't connect to mailbox)

- IE

- Firefox

- Winamp

etc...

Interestingly enough, the commandline/shell still sees the correct DNS-Server. So I'm really not sure whether the problem lies within the address resolution OR the routing... It seems to me though, that the effect gradually kicks in and affects locations that have not been 'visited' in a while. Eg: an already playing winamp-stream or skype-session continue 'playing', while in the meantime browsers & email-client can't connect to new servers anymore...

Small addition:

To eliminate network issues, we just tried a Mac with 'Cisco IPSec' and everything worked out fine... so it seems to be a Vista (or Windows) issue...

Any tips?

1. Is it happening on all Windows PCs?

2. Can you collect the event logs when trying to browse after connecting to VPN, and attach them?

3. Are you pushing any domain name through the VPN?

Sent from Cisco Technical Support iPhone App

1: Tested on the single Vista-Machine only. Could run a test on WinXp.

2: Which logs:

   - Routerlogs

   - Windows Events (if yes, which exactly?)

   - Cisco-VPN-Client Logs (if yes, where are they)?

   (Can I mail them so I don't have to post potential sec-risks?)

3. No, no domain-Names are pushed. Target is a small DMZ with essentially a single Box.

-- Wrong post updated.

Message was edited by: Ramya D.S

Hey Pat,

1. Can you please test it from WinXP?

2. Please send me a PM with the logs attached, through the CSC mail.

3. Would you be able to uninstall the client and reinstall? Use Windows cleanup utility to do a clean uninstall.

@ Ramya,

No problem.

Ok... here's that:

We had checked the routing table with "netstat -r" and DNS-entries before. According to the sysadmin it all looked "ok" (needless to say that we seem to be missing something there)...

So I wanted to triple-check yesterday and when starting the VPN-Client it did not start but instead went into the MSI installation routine trying to find the original installer to pull something out from. But since that got moved/deleted, the client was not able to start again... Is that normal behaviour?

Needless to say that the box is virus-safe (avast) and malware-free (antibyte), windows defender is on...

Any help appreciated..

Hi pat,

I would suggest that you check your machine routing configuration using route -4 print in cmd.exe so that you would see if split tunneling is applied or not.

You can also force routing, for example use (cmd.exe must be run as admin)

route ADD 8.8.8.8 MASK 255.255.255.255 X.X.X.X (X.X.X.X is your default gateway), then ping 8.8.8.8 (it is Google DNS)

The route will be deleted after reboot, or use route delete 8.8.8.8 ...

Regards,

Bastien

Problem seems solved:

I uninstalled the VPN-Client and reinstalled a different version (5.0.07.0410): no more problems.

Routing table now looks different and one suspicious entry for 0.0.0.0 (which was double before) does not show up anymore.
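
Added example, not part of any post in this thread: a Python sketch of the routing-table check discussed above, which parses `route -4 print` output and reports a doubled 0.0.0.0 entry and whether a default route is bound to the VPN adapter (in which case split tunneling is not in effect on the client). The sample output, the adapter address 10.8.0.5 and the function names are assumptions made up for illustration.

```python
import ipaddress
import re

# Constructed sample of `route -4 print` output; all addresses are made up.
SAMPLE = """\
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1    192.168.1.50     25
          0.0.0.0          0.0.0.0         10.8.0.1        10.8.0.5      1
         10.8.0.0    255.255.255.0          On-link        10.8.0.5    257
      192.168.1.0    255.255.255.0          On-link    192.168.1.50    281
===========================================================================
Persistent Routes:
  None
"""

IP = r"(\d+\.\d+\.\d+\.\d+)"
ROW = re.compile(rf"^\s*{IP}\s+{IP}\s+(\S+)\s+{IP}\s+(\d+)\s*$")

def parse_active_routes(text):
    """Return the rows of the 'Active Routes' section as dicts."""
    routes, in_active = [], False
    for line in text.splitlines():
        if line.strip().startswith("Active Routes"):
            in_active = True
        elif in_active and line.startswith("="):
            break  # end of the section; 'Persistent Routes' is not parsed
        elif in_active and (m := ROW.match(line)):
            dest, mask, gateway, iface, metric = m.groups()
            net = ipaddress.ip_network(f"{dest}/{mask}", strict=False)
            routes.append({"net": net, "gateway": gateway,
                           "interface": iface, "metric": int(metric)})
    return routes

def check_split_tunnel(routes, vpn_interface):
    """Summarise default routes; vpn_interface is the VPN adapter's IP."""
    defaults = sorted((r for r in routes if r["net"].prefixlen == 0),
                      key=lambda r: r["metric"])
    via_vpn = [r for r in defaults if r["interface"] == vpn_interface]
    return {
        "default_routes": len(defaults),
        "duplicate_default": len(defaults) > 1,
        "preferred_via_vpn": bool(defaults) and defaults[0]["interface"] == vpn_interface,
        "split_tunnel_effective": not via_vpn,
    }

if __name__ == "__main__":
    print(check_split_tunnel(parse_active_routes(SAMPLE), "10.8.0.5"))
```

To use it on a real machine, replace the sample with the saved output of `route -4 print` taken while the VPN is connected and pass the address of the VPN adapter.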

No worries Pat...

Sent from Cisco Technical Support iPhone App

--please rate the solutions