CPF and Cisco VPN

I had to look very deep in the forum to find the sollution to my problem, but I found it :smiley:
I have a question though…
Wouldn’t it be possible to change the program so that the problems with Cisco VPN don’t apear anymore without the user having to uncheck an option that could help keep the PC safe?
What exactly is wrong with the Cisco VPN protocol? I tested other firewalls and none ever gave me this problem…

Anyway, I want to give CPF a serious chance, because it has been rated as the best free firewall, even ahead of firewalls being payed for… Now that tells something about the soft!

And another (maybe stupid) question: I found the Dutch translation for CPF, but how do I implement it?


Welcome to the forum.
You have to have a beta installed to use the language files. Instructions are on the beta pages.

And yes, CF is THE best firewall… ;D

About Cisco I don’t know much… :wink:
Someone else might be able to help you with that one.

Hey Merlin, could you please post a link (or two) to the specific forum entry that helped you get past the problem(s) with the Cisco VPN client? :slight_smile:

I’ve installed Comodo on a Win2K system (all Windows Updates applied) with the Cisco VPN client and once I install Comodo I get the BSOD on dne2000.sys, which appears to be the Deterministic Network Enhancer installed in the Network Settings by the Cisco VPN Client. Note that this happens without running the VPN - in other words, with the Cisco VPN Client installed but not even running. I’d like to have both of these running happily next to each other and have been searching for a solution for several hours.

Other note: I have the same Cisco VPN client running with the Comodo on WinXPPro-SP2 with no problems whatsoever. This includes the Deterministic Network Enhancer. Interesting…

Sorry for the double post but felt I should pass on the following:

  1. Win2KPro with Cisco VPN Client v4.8.00.0440 and Remote Desktop: After installing Comodo PFW (tried four times with uninstalling Cisco VPN etc) and with Cisco VPN on or off (i.e. can be with it only installed but not running) attempting any kind of internet connection results in a BSOD on the dne2000.sys file (installed by the Cisco VPN Client). Only remedy is to uninstall Comodo.

  2. Running the same VPN Client on WinXPPro works just fine with Comodo.

  3. Because I have to use the Win2KPro machine for work (and thus the Cisco VPN Client is required) I decided to try an alternate FW. Installed Jetico PFW and it works perfectly.

So now I am running Comodo on the WinXPPro machine and Jetico on the Win2KPro machine. Will let you know what I find.

Thought you guys should know.

Have you tried a newer Cisco VPN client? v4.8.02.0010 is out :slight_smile:
Did you install the VPN Client before or after the Firewall? And did you try changing the install order?

I’ve never gotten any form of conflict between Cisco products and Comodo products before. I’m curious as to what triggered yours.

Did try installing in different order - more than once.

I have not been able to d/l a newer Cisco VPN Client as I have been trying to find our “contract code” or whatever is necessary to download the client from Cisco (sidebar: incredibly annoying imo that you can’t d/l the client more easily).

Do you by any chance have a hard link to the client? :slight_smile: If so, I would give it a whirl and see if that is the problem.

I have a feeling it isn’t though, since it runs just fine on WinXPPro-SP2 with the same setup. I’m thinking it’s something with the Win2KPro O/S networking file(s) (i.e. the dne2000.sys file sounds very Win2K-specific). I also noticed under TCP/IP in the LAN settings under Advanced that the setup installed IPSec on Win2KPro but not under WinXPPro. Those are the only differences I can see at this point.

Don’t have any links to offer except maybe torrent sites. Cisco is very protective about their programs, especially the ones offering encryption.
Once you locate your Customer-ID, I’d suggest you open up a TAC with Cisco (or search for previous TAC which relates to this problem). I’m very surprised that the Cisco VPN client doesn’t run smoother on a W2k system. Do the CFP logs provide any clues?

It appears to be a conflict with the “deterministic network enhancer” driver on Win2kPro and Comodo. I don’t think the Cisco VPN client is the problem, unless the dne2000.sys driver comes from their install files (I don’t know if it is or not yet). The DNE doesn’t show up on the LAN settings until the Cisco VPN client is installed.

When the VPN client is installed, trying to connect to the internet (either from a browser or from Comodo trying to install the license) gives the BSOD on dne2000.sys.

I tried removing the DNE from the network settings, but then the Cisco VPN client doesn’t work.

Unusual too is that when I remove the DNE from the network settings but still leave the VPN client installed, Comodo doesn’t give me the BSOD (obviously because the dne2000.sys file is gone) but instead there is no connectivity whatsoever with anything outside the local LAN - it seems to “kill” connectivity except locally. Opening any browser, pinging, etc. fails. Very strange.

Bottom line: there appears to be some kind of conflict between that version of the Cisco VPN client and Comodo on Win2kPro. Unfortunately I don’t have enough time at the moment to analyze it much more since I have to use the computer for work all the time. I’ll see if I can get an update to the VPN client and let you know what I find.

some of our users previously reported this issue :
That VPN client uses ZoneAlarm (vsdatant.sys) and it is the possible reason. you can either try the BETA version of CPF to see if they are compatible or delete vsdatant.sys and retry after restarting.

Let us know if these solve the problem pls.


egemen: I’ll give this a shot either over the weekend or next week and let you know if it does or doesn’t work.

Thank you very much.

Just to clearify, Cisco does NOT use ZoneAlarm. Nor does it install any firewall from Zone Labs. The file vsdatant.sys could be a part of the packet inspection function integrated into the Cisco VPN client, which Cisco “bought” from CheckPoint. Also known as the Stateful Firewall (Always on) feature.
I’ve used Cisco VPN client on NT, W2k and XP without any of these problems mentioned, so reading about this incidents is interesting. I did a google-search and discovered a thread about it which recommended renaming the vsdatant.sys file (gotta be done in safe-mode).
Might help solving the problem :slight_smile:

I thought that was the case as well, Triplejolt, based on reading other Cisco VPN client posts.

I don’t run the VPN client with the “stateful firewall” on, but will check when I get a chance here if that makes any difference and try the renaming (or deleting/moving) of that vsdatant.sys file.

Not sure if this is relevant but my dne2000.sys file is dated 06/29/2005 whereas the majority of files in the Cisco VPN client installation folder are dated mostly 11/04/2005, so my guess is that the dne2000.sys file is not one supplied by Cisco (although of course it could be).

I’m working on getting a new Cisco VPN client from work - this is my preferred first course of action.

Will keep you posted.

My vsdatant.sys file is dated January 26. 2005, but was accessed today (as I normally use the VPN client on a daily basis). This makes me believe it’s accessed by Cisco VPN, but doesn’t derive from the installation package. In my opinion it’s from Microsoft.
The dne2000.sys file is dated October 2. 2006 and could be a part of the VPN bundle supplied by Cisco, but I’m not sure. Atleast the one located in my system32 folder was accessed today along with the vsdatant.sys file. So they’re both accessed and used by Cisco VPN. If these are the source of your bluescreens, I can’t tell. But it sure is an odd behaviour. I’d still wanna log a TAC with Cisco, just to make them aware of this.

Having the Stateful Firewal (always on) ticked “on” just prevents packets from routing out the same interface or being spoofed. This is a very basic packet inspection filter, and shouldn’t cause bluescreens like that. More like loss of connectivity, eg. time-outs or unreachables.
Does the release notes tell you anything regarding Cisco VPN and W2k workstations?

We just got to solve this one now…

Same issues here, with a few added details:

WinXP, fully updated, new format and install.
CPF 3.
Just installed Cisco version 5.0…
Set up client.

When I connect, I get an instant BSOD. This is fully reproducible.

After renaming vsdatant.dll, vsutil.dll, and vsinit.dll, no more BSOD. BUT, I cannot connect, as there is a ‘firewall policy mismatch’.

After renaming those files to their original names, I get the BSOD (after restarting, of course).

I then tried exiting CPF. Still get the BSOD.

I then tried going through CP->Administrative->Computer Management->Show hidden devices->Non-plug and play(expand this)->Right-click vsdatant and disable. Restart.

No BSOD. But the same ‘firewall policy mismatch’.

I hope this is helpful. It seems like the ZA components crash CPF, but without them I cannot get a connection.

Any suggestions?