Author Topic: CPF with Cisco VPN Client causes blue screen crash  (Read 12767 times)

Offline snowbug

  • Newbie
  • *
  • Posts: 1
CPF with Cisco VPN Client causes blue screen crash
« on: May 13, 2007, 11:03:11 PM »
I have to use Cisco VPN Client to connect to a remote secure network. With CPF installed, the computer simply crashes in blue screen even if I exited the CPF.

This problem also exists with a number of other firewall software, while there are some that work well with the Cisco VPN Client. I sincerely wish this can be fixed in the future releases, but for now, I had to uninstall CPF :(

Offline tod

  • Newbie
  • *
  • Posts: 1
Re: CPF with Cisco VPN Client causes blue screen crash
« Reply #1 on: May 14, 2007, 12:05:14 PM »
I'll second this issue.

Further information.
The installation of the CPF worked fine and I was able to set up new rules.
I then started up the Cisco VPN client and was able to choose a connection, enter the password and click OK, then the computer blue screened.

Same thing happens even IF the CPF is turned off right after boot up.

Computer:
HP dv9000 laptop with Windows XP MCE (Yeah I know, but it's what came on the laptop. As soon as I have the time I will be wiping it and installing Windows XP Pro.)

I have been forced to uninstall CPF as I must be able to use the Cisco VPN client from this computer. This really "bums me out" since I don't trust the XP-SP2 firewall on hostile networks.

Offline markoto

  • Newbie
  • *
  • Posts: 1
Re: CPF with Cisco VPN Client causes blue screen crash
« Reply #2 on: May 20, 2007, 06:29:27 AM »
I have exactly the same problem. I've used Comodo Firewall Pro 2.4.18.184 together with Cisco VPN Client 4.8.02.0010. I got a blue screen crash during connecting via the Cisco client. The only solution was to deinstall the Comodo firewall.

Obviously a number of users report of similar problems with other firewalls, too. One user suggested to deactivate the stateful firewall integrated in the Cisco VPN client by via "device manager -> non-PnP drivers -> vsdatant" (you need to "show hidden devices" in the device manager). But my Cisco client would refuse to connect with deactivated "vsdatant" device.

Well, any other solutions?

Offline Schlappwurst

  • Newbie
  • *
  • Posts: 1
Re: CPF with Cisco VPN Client causes blue screen crash
« Reply #3 on: June 01, 2007, 01:24:40 AM »

I've got the problem as well ... using the Cisco Systems VPN Client 4.8.01.0300 and Windows XP Prof SP1!

I tried to disable the statefull firewall in the "device manager" but then the VPN-Server refuses the connection ...   :(

Maybe one of the Comodo guys could tell us if they are working on it ... this problem should be fixable (other firewall can handle this).


... Schlappwurst
... Schlappwurst

Offline Little Mac

  • Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6303
  • The Colonel told me to.
Re: CPF with Cisco VPN Client causes blue screen crash
« Reply #4 on: June 01, 2007, 11:49:28 AM »
This topic:  http://forums.comodo.com/index.php/topic,6788.0.html has  link to a thread in the Outpost forum where they discussed the exact issue, and it seemed that the ZA elements packed with the VPN were at the root of it.  It may be worth a read.  They specifically mention the total removal of certain registry entries, or if going thru the dev mgr, Uninstalling (as opposed to Disabling) vsdatant...

LM
These forums are focused on providing help and improvement for Comodo products.  Please treat other users with respect and make a positive contribution.  Thanks.
Forum Policy

Offline mike.batcheler

  • Newbie
  • *
  • Posts: 9
Re: CPF with Cisco VPN Client causes blue screen crash
« Reply #5 on: June 12, 2007, 03:45:59 AM »
Hello
I have similar crashes with Cisco VPN 4.8 and CPF. My PC (XP, SP2) goes black and restarts when I reach the VPN banner screen of the remote secure network. Done various uninstalls + reinstalls in various orders. VPN only works when Comodo PF uninstalled.

I've read the many posts on CPF forums and the web, including the references to Outpost (as above).  But... When I rename vsdatant.sys (as *.old) the PC doesn't crash but the VPN client doesn't match the firewall policies of the secure network, so I can't get in.  I assume this means I need the stateful firewall functions (said to be of ZA origins) in Cisco VPN. I'm trying to lobby a change in network policy at work but I don't like my chances (8000+ employees).

Regarding the above suggestion to follow the Outpost work-around (vsdatant and registry edits), I've recently done a clean re-install of XP so an anxious about editing the registry unless its very likely to work, and I assume it won't given renaming vsdatant violates my work's secure network policies.

So three questions:
1. Has anyone with this problem actually tried the Outpost workaround? To what effect? does your secure network require the Cisco stateful functions?

2. Has anyone who found CPF wouldn't work found a firewall that will work with Cisco VPN 4.8?  I've read ZA 6.5 might (and 7 likely won't) but given the drama of removing ZA I'm not sure if I want to go there.

3. have the friendly folk at Comodo acknowledged this issue for a fix? Its been plenty mentioned in the forums but as yet no FAQ or other official reference (that I can find). I've been impressed by CPF and don't want to give it up yet need the VPN

Thanks for any light you can shine on this...

Offline Little Mac

  • Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6303
  • The Colonel told me to.
Re: CPF with Cisco VPN Client causes blue screen crash
« Reply #6 on: June 12, 2007, 10:11:12 AM »
Mike,

I am positive I have read here in the forums, a post or posts wherein the issue was addressed and resolved.  I can't put my finger on it at the moment, though.

Here's a post where the user says the Outpost workaround did indeed work (links to the post with the Outpost link...)  http://forums.comodo.com/help/cisco_vpn_and_comodo_conflicts-t8237.0.html;msg63679#msg63679

Here are some others where solutions were posted, that were stated by the user to work...

http://forums.comodo.com/help/windows_xp_pro_sp2_cisco_vpn_client_402a_working_config-t5323.0.html

http://forums.comodo.com/help/cisco_systems_vpn_client_version_48010300-t4960.0.html

http://forums.comodo.com/help/cisco_vpn_will_not_work_with_running_cpf-t6004.0.html (partial repeat, but some additional info as well)

And the official Comodo response, from the FAQ http://forums.comodo.com/faq_for_comodo_firewall/cisco_vpn_client_and_comodo_firewall_blue_screen_problems-t2791.0.html

Hope that helps,

LM
These forums are focused on providing help and improvement for Comodo products.  Please treat other users with respect and make a positive contribution.  Thanks.
Forum Policy

Offline mike.batcheler

  • Newbie
  • *
  • Posts: 9
Re: CPF with Cisco VPN Client causes blue screen crash
« Reply #7 on: June 13, 2007, 03:43:00 AM »
Hi Little Mac
thanks for your reply. I've re-read the posts including the outpost post.

As the outpost post says, "its all about getting rid of ZA". Problem is, our IS dept confirms if I do this (scuttle the cisco/ZA stateful firewall) it will violate the network policy on the cisco consolidator so I won't get in. Now, I'm a bit in the dark on this but I assume the various Outpost related registry changes are about a clean scrub of ZA elements and hence will not aid my case. Hence I remain reticent as I wouldn't know how to get them back with ease.  No one on that post mentions if their secure network policy requires the stateful inspection ZA thingy, but I can't see what else they are trying to achieve.

In the CPF FAQ (http://forums.comodo.com/faq_for_comodo_firewall/cisco_vpn_client_and_comodo_firewall_blue_screen_problems-t2791.0.html) tripplejolt's final comments leave the question hanging but panic comments that if you can't get in (to the secure network) without vsdatant then you're stuck.  So I guess I'm stuck. the rest of the posts appear to be about various configurations of CPF which I have tried but these do not solve the BSOD for me at least.

Other's also stuck may like to know the IS people at my work say Kerio works for them with Cisco VPN but I'm yet to try it (I know CPF also works for some people with Cisco VPN).

If you come across any solutions where people retained the cisco VPN statefull functions with CPF then please let me know.

Thanks

Mike

Offline Little Mac

  • Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6303
  • The Colonel told me to.
Re: CPF with Cisco VPN Client causes blue screen crash
« Reply #8 on: June 13, 2007, 09:43:31 AM »
Mike,

I'm sorry that didn't do it for you.  I had hopes when I saw confirmations of solutions that worked.  I understand, though, in that you're somewhat at the mercy of the system, since you're not in control of it.

Yes, as I understand it the registry scrub is about cleaning out ZA elements.  As far as getting them back, that is easily accomplished, and I can tell you how... 

You go to Start/Run and type in "regedit" (without the quotes).  This will open the registry editor. 

Go to File/Export.  This will open your 'My Documents' folder, where you will name the registry file and save it.  This creates a backup copy of your entire registry. 

Then you follow the instructions to remove the specific registry keys for the various ZA elements.

Then you can try to see if the solution works, and you can get in as you need to, etc.  If it does not work, or if it trashes it in some other way, you can restore those by one of two means...

1)  Open Regedit again, go to File/Import, and select that registry file you exported earlier

or

2)  Open your 'My Documents' folder, and double-click the registry file you exported earlier

LM
These forums are focused on providing help and improvement for Comodo products.  Please treat other users with respect and make a positive contribution.  Thanks.
Forum Policy

Offline mike.batcheler

  • Newbie
  • *
  • Posts: 9
Re: CPF with Cisco VPN Client causes blue screen crash
« Reply #9 on: June 21, 2007, 04:28:08 AM »
a final note for anyone else stuck with this problem. Kerio (now sunbelt kerio or something) does work with Cisco VPN and allows the stateful firewall functions. No BSOD. But Kerio isn't really free - a 30 day trial then ICS gateway stops and some report nag screens.  I'll be trying CPF 3 when it arrives.

Offline Little Mac

  • Forum Volunteer
  • Global Moderator
  • Comodo's Hero
  • *****
  • Posts: 6303
  • The Colonel told me to.
Re: CPF with Cisco VPN Client causes blue screen crash
« Reply #10 on: June 21, 2007, 09:26:36 AM »
Hey Mike,

Thanks for the tip.  I realize they're two different animals, but can you share the steps to take with Kerio to get it work?  Did you have to do anything specific, or was it automatic?  Whatever you did (or didn't do), do you know why it worked?  Perhaps there's some cross-over info we can apply...

Tnx,

LM
These forums are focused on providing help and improvement for Comodo products.  Please treat other users with respect and make a positive contribution.  Thanks.
Forum Policy

Offline alphaa

  • Newbie
  • *
  • Posts: 4
Re: CPF with Cisco VPN Client causes blue screen crash
« Reply #11 on: June 23, 2007, 08:59:22 AM »
Instead of hunting for these fixes why isn't this fixed by the vendor? I just moved to this from Filseclab based on a fairly comprehensive review of firewalls that rated COMODO has the best choice and Filseclab was in their bottom group. Never had this problem with Filseclab and am really liking COMODO but Cisco VPN is required for my job so I'll have to try the next one on the list.

Offline mike.batcheler

  • Newbie
  • *
  • Posts: 9
Re: CPF with Cisco VPN Client causes blue screen crash
« Reply #12 on: June 23, 2007, 06:32:13 PM »
LittleMac
I just installed Kerio and it worked.  no thinking or cleverness required.

It was an older version - 4.2.2 -  said to be without nag screens on expiry (tho still stops ICS after 30 days), but i never tried it for that long. (Rumor has it newer versions have more nagging and no new features so I went for this one). I noticed Kerio slowed my internet connection so i'm currently back with comodo (without VPN!) and still searching for a better option. I may try Kerio 2.? - last of the truly free Kerios but with lower security. Or brace myself for settings-hell and try Jetico.

I've been watching www.scotsnewsletter.com where he is searching for the perfect firewall but he hasn't had the Comodo and Cisco VPN problem. Would be good if CPF 3 fixed the problem, or someone could figure out why some folk have this clash and some don't. In this case I'm pretty sure its not a clash with some weird 3rd party software as I recently did a clean install of XP and there was little else loaded prior to comodo and cisco VPN.

Cheers
Mike

Offline alphaa

  • Newbie
  • *
  • Posts: 4
Re: CPF with Cisco VPN Client causes blue screen crash
« Reply #13 on: June 23, 2007, 07:02:39 PM »
I've been getting my list to try from this site: http://www.matousec.com/projects/windows-personal-firewall-analysis/leak-tests-results.php

The next free one on the list after COMODO is Jetico Personal Firewall and so far I'm reallying liking it. Causes no issues with Cisco VPN either. When compared to COMODO I'm liking both but obviously prefer Jetico for the time being because of the no VPN problem.

I can't seem to figure out how to control every thing I could in COMODO so if they ever fix COMODO I'd probably come back but till them I'm going to give Jetico a solid run.

Offline mike.batcheler

  • Newbie
  • *
  • Posts: 9
Re: CPF with Cisco VPN Client causes blue screen crash
« Reply #14 on: June 24, 2007, 07:28:17 AM »
hey alphaa
can you keep me posted on this, like if you can get your head around jetico. does it save your settings or drive you crazy with questions. are you using the free or trial/paid?
are you using ICS - with success?
thanks

 

Seo4Smf 2.0 © SmfMod.Com | Smf Destek