I have encounter problem during access ASA5520 firewall with Windows XP SP3 and Windows 7. The error message prompt "the vpn client is unable to establish a connect". I'm using Anyconnect version 2.4.1012. This version is working fine on windows xp sp2. Any suggestion above case?

here is my config

ASA Version 8.2(2)

!

hostname ciscoasa

enable password 8Ry2YjIyt7RRXU24 encrypted

passwd 2KFQnbNIdI.2KYOU encrypted

names

!

interface GigabitEthernet0/0

nameif outside

security-level 0

ip address 192.168.8.154 255.255.255.0

!

interface GigabitEthernet0/1

shutdown

no nameif

no security-level

no ip address

!

interface GigabitEthernet0/2

shutdown

no nameif

no security-level

no ip address

security-level 100

ip address 192.168.18.1 255.255.255.0

!

interface Management0/0

nameif management

security-level 100

ip address 192.168.1.1 255.255.255.0

management-only

!

boot system disk0:/asa822-k8.bin

ftp mode passive

dns domain-lookup outside

dns domain-lookup inside

dns domain-lookup management

access-list inside_access_in extended permit ip any any

access-list outside_access_in remark Allow HTTP Servers

access-list outside_access_in extended permit tcp any 192.168.8.0 255.255.255.0

eq www

access-list outside_access_in remark Allow HTTPS Services

access-list outside_access_in extended permit tcp any 192.168.8.0 255.255.255.0

eq https

access-list inside_nat_static_2 extended permit ip host 192.168.18.10 any

pager lines 24

logging asdm informational

mtu outside 1500

mtu inside 1500

mtu management 1500

ip local pool SSLClientPool 192.168.18.30-192.168.18.40 mask 255.255.255.0

no failover

icmp unreachable rate-limit 1 burst-size 1

no asdm history enable

arp timeout 14400

global (outside) 101 interface

nat (inside) 101 0.0.0.0 0.0.0.0

static (inside,outside) 192.168.8.153  access-list inside_nat_static_2

access-group outside_access_in in interface outside

access-group inside_access_in in interface inside

route outside 0.0.0.0 0.0.0.0 192.168.8.1 1

timeout xlate 3:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02

timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00

timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00

timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute

timeout tcp-proxy-reassembly 0:01:00

dynamic-access-policy-record DfltAccessPolicy

http server enable

http 0.0.0.0 0.0.0.0 inside

no snmp-server location

no snmp-server contact

snmp-server enable traps snmp authentication linkup linkdown coldstart

crypto ipsec security-association lifetime seconds 28800

crypto ipsec security-association lifetime kilobytes 4608000

vpn-addr-assign local reuse-delay 5

telnet timeout 5

ssh timeout 5

console timeout 0

dhcpd address 192.168.18.40-192.168.18.45 inside

dhcpd dns 192.168.8.3 192.168.8.155 interface inside

dhcpd enable inside

!

dhcpd address 192.168.1.2-192.168.1.254 management

dhcpd enable management

!

threat-detection basic-threat

threat-detection statistics access-list

no threat-detection statistics tcp-intercept

webvpn

enable outside

svc image disk0:/anyconnect-dart-win-2.4.1012-k9.pkg 1

tunnel-group-list enable

group-policy SSLVPN internal

group-policy SSLVPN attributes

dns-server value 192.168.8.3

vpn-tunnel-protocol svc

default-domain value infrasys-intl.com

address-pools value SSLClientPool

username ken_ng password lkHaRkzaC9oN1mhm encrypted privilege 0

username ken_ng attributes

vpn-group-policy SSLVPN

tunnel-group vpn type remote-access

tunnel-group vpn general-attributes

address-pool SSLClientPool

default-group-policy SSLVPN

tunnel-group vpn webvpn-attributes

group-alias SSLVPNClient enable

!

class-map inspection_default

match default-inspection-traffic

!

!

policy-map type inspect dns preset_dns_map

parameters

message-length maximum 512

policy-map global_policy

class inspection_default

  inspect dns preset_dns_map

  inspect ftp

  inspect h323 h225

  inspect h323 ras

  inspect rsh

  inspect rtsp

  inspect esmtp

  inspect sqlnet

  inspect skinny

  inspect sunrpc

  inspect xdmcp

  inspect sip

  inspect netbios

  inspect tftp

  inspect ip-options

  inspect icmp

!

service-policy global_policy global

prompt hostname context

call-home

profile CiscoTAC-1

  no active

  destination address http https://tools.cisco.com/its/service/oddce/services/DD

CEService

  destination address email callhome@cisco.com

  destination transport-method http

  subscribe-to-alert-group diagnostic

  subscribe-to-alert-group environment

  subscribe-to-alert-group inventory periodic monthly

  subscribe-to-alert-group configuration periodic monthly

  subscribe-to-alert-group telemetry periodic daily

Cryptochecksum:d2c6b7225dfdd6a39b9197259e961d07

: end