I have been struggling with this problem for months and I've been searching through the various forums & documentation here trying to find a solution and I'm pretty much at a complete loss.

The problem is that a remote user (regardless of connction type, broadband, dsl, dialup, et. al) establishes a vpn session and within a period of 2 to 3 minutes it's terminated with the infamous 412 error. After looking at the log entries on both the concentrator & the client, about the only thing odd I can find is that the DPD ACK seq# expected value is offset by 2 when compared to the seq# received.

And about the only consistant thing is that once the agent on the endpoint starts spitting out dpd values that are not matching, it's only a matter of time before the session is terminated.

I have enclosed both the concentrators live log and the client logs for the time this is happened. And at this point the problem is fairly consistent.

I've set up a 3005 concentrator in my office and am trying to simulate the general environment that my users are usually in. And the configuration is as follows:

3005 running 4.1.7Q

PC Running Windows XP SP2 (including all current hotfixes and patches)

Symantec (Sygate) SPA 5.1 build 6501

Cisco VPN client 4.8.01.0300

If anybody could think of something I'm missing or can see something in the logs where something doesn't seem right, please let me know as I've got a huge target on my back and a herd of really irate remote users looking for me.

Thanks in advance,

Brian Saloum