Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

vpn error

We are getting the below logs in cisco ASA 55xx firewall with 8.x version continously.

%ASA-3-713141: IP = x.x.x.x, Client-reported firewall does not match configured firewall: terminating tunnel. Received -- Vendor: Sygate(4), Product Sygate Security Agent(3), Caps: 0001. Expected -- Vendor: Cisco Systems(1), Product: Cisco Integrated Client(0x00000001), Caps: 0002.

where x are multiple ip addresses used by Ras users..

can someone please help me.....

1 ACCEPTED SOLUTION

Accepted Solutions
Super Bronze

vpn error

You can either change the firewall on the client's PC, or you can turn off the firewall checking for VPN Client if you don't actually use that feature. Because it hasn't failed the VPN Client connection, it is probably configured as an optional firewall setting on the ASA.

To disable it, you can configure the following under the respective group-policy:

client-firewall none

6 REPLIES
Super Bronze

vpn error

That means you are checking to see if you have firewall installed on the VPN Client's PC, and you have configured to see if Cisco Integrated Client firewall exists, while it detected Sygate firewall instead.

New Member

vpn error

Thanks for the update...!!!

Does this indicate any problem and is there any way to suppress these logs ?

Super Bronze

vpn error

You can either change the firewall on the client's PC, or you can turn off the firewall checking for VPN Client if you don't actually use that feature. Because it hasn't failed the VPN Client connection, it is probably configured as an optional firewall setting on the ASA.

To disable it, you can configure the following under the respective group-policy:

client-firewall none

New Member

vpn error

thanks for the update.. i think in stead of client-firewall none, we can even try firewall optional i guess.. correct me if i am wrong.

Super Bronze

vpn error

That is correct, you can have optional and the vpn will still get connected.

New Member

vpn error

thanks..this thread can be closed.

414
Views
0
Helpful
6
Replies