Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2258
Views
0
Helpful
1
Replies

Cisco VPN Software Client Error - Can you decode?

davidhvoss
Level 1
Level 1

‎10-14-2005 04:11 PM - edited ‎02-21-2020 02:02 PM

Hi there. I don't have access to this system, only the info below. The Cisco VPN client has not been working recently and it appears it can't pull a cert. Not sure, this isn't my arena. Can you decode this and tell me what's wrong?

A fingerprint system attempts to communicate with a VPN (Concentrator or router) hub site but cannot do so. No communications for 3 days.

The Log:

Cisco Systems VPN Client Version 4.0.3 (A)

Copyright (C) 1998-2003 Cisco Systems, Inc. All Rights Reserved.

Client Type(s): Windows, WinNT

Running on: 5.1.2600

1 15:44:23.225 10/14/05 Sev=Warning/2 CERT/0xA360000A

Could not load certificate cn=XXXXXXX34,ou=XXXX-XXX-FINGERPRINT-SYSTEM,o=XXXX,l=Washington,st=DC,c=US from store Microsoft User Certificate. Reason: cert not found

2 15:44:23.225 10/14/05 Sev=Warning/2 CERT/0xA3600004

If you are using a smartcard or token containing a certificate, verify that it is plugged in and try again.

3 15:44:23.225 10/14/05 Sev=Warning/2 IKE/0xE3000007

Unable to open certificate (cn=XXXXXXX,ou=XXXX-XXX-FINGERPRINT-SYSTEM,o=XXXX,l=Washington,st=DC,c=US).

If you are using a smartcard or token containing a certificate, verify the correct one is plugged in and try again.

4 15:44:23.225 10/14/05 Sev=Warning/2 IKE/0xE3000099

Failed to open my certificate (Connection:196)

5 15:44:23.225 10/14/05 Sev=Warning/2 IKE/0xE3000098

Failed to set up connection data

Labels:
0 Helpful
1 Reply 1

thebigc
Level 1
Level 1

‎10-18-2005 07:19 AM

You're right about it not being able to pull the cert.

My guess is that something has sent the fingerprint reader a bit screwy. It could be something as simple as the user's profile became locked and a new one created - which would give them a new (and empty) certificate store. Does the reader work for other operations, e.g. system logon, file encrypt/decrypt, etc?

If using 2k or XP check that the user doesn't have multiple profile folders in Doc&Settings. If he/she does then its a fair bet that once they re-enroll they'll be working again. Have them try this even if their profiles are good, as it should create a new known good cert.

Also check the contents of the user's cert store: Start>Run>mmc, then press Ctrl+M > Add > Certificates [My User Account] and have a look in Personal>Certificates

If this still doesn't work, what's the fingerprint system being used, perhaps that'll give a clue for a workaround.

HTH,

Colin

0 Helpful
Customers Also Viewed These Support Documents