12-15-2010 10:08 AM - edited 02-21-2020 05:01 PM
Hi,
My LENOVO G450 laptop is having WINDOWS VISTA HOME PREMIUM edition.
Normal VPN client is not working for VISTA, so I tried Cisco AnyConnect VPN Client.
It's giving following error
The server certificate received or its chain does not comply with FIPS. A VPN connection will not be established.
Can anyone please give me the solution about how to setup a VPN connection on VISTA HOME PREMIUM edition.
Thanks & regards,
12-15-2010 10:23 AM
Please refer this doc:
https://supportforums.cisco.com/docs/DOC-14180
And dont forget to reboot after making the change.
12-16-2010 06:11 AM
Thanks for your help Rahul Govindan,
But I am not able to take remote desktop of my office compter from my laptop
its giving following errors (attached in the jpg file)
Note: I already allowed this pool i.e. 192.168.25.0/24 pool (which is for outside VPN users) in my asa firewall to my office computer.
12-16-2010 06:18 AM
Rahul,
can You ping from Your PC this remote IP (RDP) ?
Reagrds
GN
12-16-2010 06:49 AM
once only it was successful, but at that time not able to take remote desktop.
and after that no ping & no remote desktop, but vpn stats is showing connected and also showing time from when it is connected
on firewall I am able to see in monitoring section = > vpn tab = > filter by - ssl vpn client
my username & ip (ip from outside users vpn pool), group policy connection profle, profile encryptio, login time duration, bytes tx & rx
12-16-2010 06:56 AM
I believe that You're connected to VPN server (that shows in ASA VPN tab) but there is no communication inside VPN tunnel.
I believe this is caused by faulty NAT or acl NAT configuration on vpn server (ASA).
Paste Your ASA config here...
12-16-2010 07:55 AM
Hi grzegorz.niecka,
I am also thinking the same.
Please find the following configuration on my ASA
****************************************************************************************************************************
tunnel-group DefaultWEBVPNGroup general-attributes
address-pool PuneWebVPN
default-group-policy WEB_VPN
ip local pool PuneWebVPN 192.168.25.1-192.168.25.250 mask 255.255.255.0 (ip pool for outside vpn users)
group-policy WEB_VPN internal
group-policy WEB_VPN attributes
dns-server value 172.20.1.199 4.2.2.2
vpn-tunnel-protocol svc
split-tunnel-policy tunnelspecified
split-tunnel-network-list value 30
default-domain value ****************.com (sorry, hidden because of security)
webvpn
svc keep-installer installed
svc compression deflate
svc ask none default svc
access-list NONAT extended permit ip 172.20.0.0 255.255.240.0 192.168.25.0 255.255.255.0
access-list rahula extended permit tcp 192.168.25.0 255.255.255.0 host 172.20.5.6 eq 3389
(my office pc allowed from outside vpn user pool matching to my username "rahula")
nat (inside) 0 access-list NONAT
nat (inside1) 0 access-list NONAT
**********************************************************************************************************************
Thanks & regards,
12-16-2010 06:22 AM
Thanks for your help Rahul Govindan,
But I am not able to take remote desktop of my office compter from my laptop
its giving following errors (attached in the jpg file)
Note: I already allowed this pool i.e. 192.168.25.0/24 pool (which is for
outside VPN users) in my asa firewall to my office computer.
On Wed, Dec 15, 2010 at 11:53 PM, rahgovin <
12-16-2010 07:41 AM
Does the statistics page on the Anyconnect Gui show packets encrypted and decrypted?
Run captures on the inside interface of your ASA to see if packets are making it back to the firewall. Also a packet tracer on the return traffic will show what rules and nat it is taking. Also you can see for any logs specific to the traffic in the ASA.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide