Showing results for 
Search instead for 
Did you mean: 

Vpnclient command line Password limited length


I am using command line  vpnclient.exe connect <profile> user <username> pwd <password> to establish my Vpn connections.

If my pwd is longer than 32 characters, it is truncated

When I use vpngui.exe instead, I can type more than 60 characters and it works.

Why such a difference ?

What character set can be used for password ?

I am programatically calculating a hashed password which results in special characters (with accents)

For now, I convert password to an Hex string which doubles password length, but sometimes, I would need more than 32 characters

Authentication is done on radius server, which is not length-limited.

So , is it possible to extend and normalize vpnclient.exe to vpngui.exe capabilities ?


Jennifer Halim
Cisco Employee

Your description sounds like a bug to me.

I would suggest that you raise a TAC case so the issue can be further investigated and if it is a new bug, the TAC engineer can assist with raising a new bug, otherwise, if it is an existing bug, they can point you to the bugID and resolution.

Unfortunately, I have just a PICA end user contract and I am not able to open a TAC request.

I tried other methods to have a longer password:

- using vpngui.exe which is command-line capable, but not documented

    it has the same limitation than vpnclient.exe

- storing UserPassword in pcf profile

   I run vpnclient or vpngui without -pwd

  but also fails (guess it reads pcf profile before adding it to command line)

- running vpngui and typing (or pasting) pwd in the password prompt

  it succeeds with a password (length <= 60 chars)

  my problem is to program it (get window title, and send password to this window), not very smart

- another way could be to use vpnapi.dll directly

I am running Windows Seven with 64bit Vpn client

But I am sure that only the VA interface module was rewritten

Then, other component are 32bit (or 16bit !) old ones and come from first releases despite the fact they claim to be 5.00.07 ones.

Cisco is pushing licensed anyconnect vpn client but makes few efforts to improve IPsec software client.

For example, VpnAPI tools are old and incompatible with 5.00 release

Try to find by yourself.

May be I will move to Shrew Vpn, which becomes mature.

It's a pity

Recognize Your Peers
Content for Community-Ad