CIS & Cisco VPN Client crashes Vista

Was wondering if anyone has found a solution for Vista crashing when connecting the Cisco VPN client up. This started happening after a CIS and Windows upgrade back in March. The VPN client starts and prompts for a login to the VPN concentrator, but after entering the username/password, about 3 - 4 seconds go by and Vista hangs entirely. No dump is created, no mouse or keyboard entering is possible. The only way out is to lean on the power button until the machine powers off. I have upgraded to the latest Cisco client, 5.0.05.0290 but that doesn’t help. The only thing that works is to uninstall CIS.

I have read other posts which keep telling to delete the vdata files, but these don’t exist in Vista. Every post I’ve read terminates without a solution. One peep stated that they installed CIS after the VPN client and that did the trick. I tried that, but it didn’t work.

I’ve opened a case with Cisco TAC, but they are probably going to point to CIS and say that it is the problem.

The only thing i can think is try putting CIS Defence + and Firewall in tranning mode

right click on the taskbar icon > Defence + security level > tranning

right click on the taskbar icon > Firewall security level > tranning
Then try running the the VPN client and see if it crashes, Make sure to switch the firewall and D+ after you run the VPN to Safemode again.

Hope this helps!

I had already attempted putting both firewall and defense into disabled mode with no luck. Changing them to training doesn’t change anything either. Workstation connects up to the VPN sometimes but hangs more often than not.

This is frustrating as I have to use the Cisco VPN client to access a multitude of customer’s networks. If there’s no solution, I’m going to have to find another firewall.

Try deleting the rules made for the VPN client when or before putting CIS in training mode.

When that doesn’t help disable the firewall and permanently disable D+. The latter can be done under Defense + → Advanced → Defense + settings → disable and reboot as required. Does the same thing still happen? If it does then we found a bug I think.

Eric, thanks for the advice. First off, I had uninstalled the entire CIS and the VPN client worked fine. Then I reinstalled just the antivirus portion (no firewall) and the VPN client still worked fine. When I saw your debugging suggestions, I reinstalled CIS firewall and did as you asked.

There were no rules under firewall, advanced, security policy. There was also nothing under defense plus, advanced, computer security policy. I connected up the Cisco VPN client to a remote site and it connected fine. (It does this maybe 20% of the time.) I disconnected the client and shut it down and then removed the allow IP out any any for the VPN client under firewall and also removed the custom policy created under defense plus. While still in training mode, I restarted the VPN client, attempted to connect and the workstation hung.

I rebooted, removed the two policies under firewall and defense plus same as before, deactivated defense plus permanently and rebooted. I attempted a VPN connection and it locked up the workstation again.

What now?

I am going to move it to the bugs board as it seems better at its place there.

Hello 95yj,

Are you able to reproduce this issue ?
I have the same issue but i can’t reproduce it everytime, it’s on and off “freezing” here.
If you can reproduce easy we could ask a developer to get in contact with you to find the problem.

It is intermittent, but it locks the PC more often than not, so I am able to reproduce it. Cisco TAC is also able to reproduce it, but they haven’t stated if they are going to develop a fix.

If you load a 2 1/2 year old version of the client, v5.0.02.0090, the freezing goes away, but this client doesn’t work well with Vista and it also doesn’t work well with the 8.x version of PIX/ASA code.

Can you PM me the TAC caseID the i can refer to your case and try to push a bit so ‘more’ users complain, maybe that helps :wink:

The above was from a PM from Ronny.

This appears to have solved the issue. I uninstalled Comodo firewall, uninstalled the Cisco VPN client then reinstalled the VPN client with the above command (you need to expand the zipped EXE before hand) and reinstalled Comodo firewall.

I have connected better than 20 times in a row to a number of Cisco ASAs, PIXs and routers and have not had the workstation hang yet.

Hi 95yj,

That’s good news :slight_smile:
Let’s see if i can follow that and see if it works for me also…

Hi Guys,

I have the same problem but a different set of software(vpn client & firewall driver) on Vista.
I am trying to VPN through Watchguard SSLVPM Box.

The Vista 32-bit OS freezes completely if I don’t re-authenticate within 10-20 seconds after the session expires.
Did you guys know what is the ROOT cause for the crash.

Yes the Cisco VPN Client contains a few firewall drivers from ZoneAlarm that are shipped with the installer wich conflict with CIS though it’s caused by the ZA drivers in this case.

See also this FAQ here

I have the same problem with XP Pro SP3. I have had this crash under 2 different scenarios: first, about a month ago, right before getting a new hard drive and motherboard. And then again last week.

* CPU (32 bit or 64 bit) 64 bit
* Operating System information (including Service Pack Version) XP Pro, SP3
* Actively-running security and utility applications  CIS only
* Specific symptoms of the bug, and steps you can take to reproduce it launch Cisco VPN, enter my login info, then BSOD
* Specific steps you have taken to try to resolve it.reinstall CIS, reinstall VPN, rename vs*dlls in system32
* Brief description of your Defense+ and  Firewall+ mode (Custom, Train with safe) sometimes one, sometimes the other plus mention if you modified any setting in ADVANCED section of D+ and F+ yes, I did
* If you pc reboots or you have a BSOD post in  BSODs: Please add your minidump files here sorry, I didn't save them
* Report if you are using an Administrator account Or a Limited User account. administrator

Before my hard drive problems, XP Pro was my main OS (I had Linux Debian Lenny running in a Sun Virtualbox VM). Afterwards, I reversed the OSs; Debian is now my main OS, and Microcrap Windoze is caged in a VM.

Reminder: the BSOD crashes happened in XP Pro in both environments (as the main OS and in a VM.) Also, uninstalling CIS fixed the problem in both environments (no BSODs, and the VPN connected successfully.)

Lastly, renaming the vs*.dlls (as suggested in the FAQ) stopped the BSODs, but the VPN client still couldn’t connect because of a “security policy” regarding the “stateful firewall.”

Since my employer requires Cisco VPN for remote connections, I can’t stop using it. I have had to uninstall CIS because of this bug.

I will try to use OpenVPN to duplicate the Cisco settings, but I don’t know if I can get that to work properly.

Hi ThomasMcA,

Please let you employer Techsupport contact Cisco in regards to this matter because the bug is caused by their VPNClient package, it’s not CIS’s fault that the Cisco drivers cause a BSOD in this case.

Comodo has been trying to convince Cisco to fix/change this but they haven’t been successful, i have also reported it to TAC but with the same result >:( you only get the “workaround” answer.