
False Smartcard Removal triggers tunnel teardown.

BookieDad
Level 1

For one specific user, after establishing a CAC-enabled VPN tunnel, it only lasts for 6 to 9 seconds and then disconnects. Renders a message box saying 'the smart card containing the certificate was removed'. For the record, the smart card is not really removed when this happens. This condition is persistent regardless of the card reader type, drivers or varying versions of the apps involved, which include:

Cisco VPN Client 5.0.07.0410 running on

Windows 7 Pro SP1 with

ActivClient CAC x86 6.2.0.173 as middleware, with

Cisco ASA 5520 v8.2 (5) 41 hosting connection entries.

This issue seems to be CAC-related as User 1 experiences the issue on Clients A, B and C, whereas User 2 can stay connected fine on the same clients. I'm posting here because, as the attached vpn log suggests, there is a flag telling the VPN client to tear the tunnel down, based on smartcard disposition. Does anyone know what API is causing the VPN Client to terminate the tunnel? Could it be more a digital certificate condition, than the physical attributes of the CAC and reader (since it doesn't matter which reader it's used in)?

Is there anything the ASA could be kicking back that might contribute to this? Realistically seeking knowledge more than solution here, since it's assumed that replacing the user's CAC will be a solid solution, with very little knowledge as to why it was happening to begin with. Also the certificates in question are critical to too many other PKI resources (encrypted data most notably) to prematurely revoke them.

Thanks to all for any and all feedback.

Jonnie
