I've got a work laptop (Dell E6410). Now I should qualify I'm a member of my employers IT Service Desk and I'm trying to discover how to fix this problem as its becoming more and more common (to the point we've even opened a Problem Report PR) but I'm unsure if the network ops team have contacted the TAC for support.
What I've done in the VPN client is set "LOG LEVEL 15" against everything so it spits everything out for diagnosis. This laptop I have 2 weeks ago was fine, since then its been spitting 412 error. And its beginning to frustrate the userbase.
- Laptop types: Dell E6400/E6410/E4310
- Connection Types: WiFi, Cabled or NextG mobile devices.
- VPN Version: 05.00.0003.0560a
- VPN Type: We use Group Authentication for the profile, then RSA + Domain login on the other end.
- OS: Win XP SP3
What have we tried:
- Deleting and recreating the RSA SecurID account for the user
- Reimaging the laptop
- Reinstalling the VPN
- Repairing the laptop
- Recreating the *.pcf file for the profile.
Originally I had found if using a NextG device and turning off the WiFi it would stop the 412 error but that has stopped working as a workaround and I've tried on both a cable connection (Direct to modem) and direct to my routed/switched network at home. Same error on 2 different types of internet connection.
In the log when I set L15 debugging I found.... (and I've attached it)
148 17:29:10.890 06/07/11 Sev=Warning/3 CVPND/0xA340000D The virtual adapter was not recognized by the operating system.
149 17:29:10.890 06/07/11 Sev=Warning/2 CM/0xE310000A The virtual adapter failed to enable
356 17:29:33.453 06/07/11 Sev=Info/6 CM/0x6310003A Unable to restore route changes from file.
357 17:29:33.453 06/07/11 Sev=Info/6 CM/0x63100037 The routing table was returned to original state prior to Virtual Adapter
358 17:29:33.453 06/07/11 Sev=Debug/7 CVPND/0x63400015 Value for ini parameter VAEnableAlt is 1.
360 17:29:33.546 06/07/11 Sev=Info/4 CM/0x63100035 The Virtual Adapter was disabled
361 17:29:33.546 06/07/11 Sev=Warning/2 IKE/0xE300009B Failed to active IPSec SA: Unable to enable Virtual Adapter (NavigatorQM:936)
Phase 1 SA deleted before first Phase 2 SA is up cause by "Unknown". 0 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system402 17:29:34.296 06/07/11 Sev=Info/4 CM/0x63100012 Phase 1 SA deleted before first Phase 2 SA is up cause by "Unknown". 0 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system
I will try and find out what kind of end-point we have. But reading those snippits its like trying to activate the virtual adapter but can't seem to do it.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :