I don't work from home too often anymore, so I have no idea.
From: Steven M. Caesare [mailto:[email protected]] Sent: Friday, February 19, 2010 8:13 AM To: NT System Admin Issues Subject: RE: CISCO VPN Client It only happens to me occasionally.. Did it do it for you regularly enough for you to definitively know it fixed the issue? If so maybe I'll de-/re-install too. -sc From: Ray [mailto:[email protected]] Sent: Friday, February 19, 2010 10:01 AM To: NT System Admin Issues Subject: RE: CISCO VPN Client I uninstalled the client last night and re-installed, and it seems to be ok now. From: Steven M. Caesare [mailto:[email protected]] Sent: Friday, February 19, 2010 7:52 AM To: NT System Admin Issues Subject: RE: CISCO VPN Client +1 Altho it does tend to BSOD my Win7x64 laptop. -sc From: Anders Blomgren [mailto:[email protected]] Sent: Friday, February 19, 2010 7:55 AM To: NT System Admin Issues Subject: Re: CISCO VPN Client An alternative is to use the client from Shrew Soft. I've used it on Win7 x64 to connect to both ASA and the older 3000. http://www.shrew.net/ -Anders On Thu, Feb 18, 2010 at 5:08 PM, Terry Dickson <[email protected]> wrote: Not that I can help, but what issues? We still use the Cisco VPN Client and many of our machines are Win7 64 machines. Since Cisco will not make a 64bit version of the VPN Client we are looking at the anyconnect solution also. -----Original Message----- From: Ray [mailto:[email protected]] Sent: Thursday, February 18, 2010 9:48 AM To: NT System Admin Issues Subject: RE: CISCO VPN Client We're starting to see some issues with Win7 64 clients connecting. -----Original Message----- From: David W. McSpadden [mailto:[email protected]] Sent: Thursday, February 18, 2010 8:19 AM To: NT System Admin Issues Subject: Re: CISCO VPN Client The AnyConnect from Cisco uses a cert and is webbased, it is very easy to work with and the users are happy with it. -------------------------------------------------- From: "Charlie Kaiser" <[email protected]> Sent: Thursday, February 18, 2010 10:14 AM To: "NT System Admin Issues" <[email protected]> Subject: RE: CISCO VPN Client > Hmmm. Yeah; that's a lot of overhead. Seems a shame to have to switch apps > because of a bad guy. That's an effective DOS attack, eh? I'd hesitate to > switch apps because I'd be afraid they'd do the same thing. But I don't > know > the AnyConnect app either. > > I seem to remember the VPN client could use certs as part of the auth. I > wonder if that feature could be utilized to block non-client access? I > haven't used the Cisco client for a year or so so I don't recall the > available options. > > > *********************** > Charlie Kaiser > [email protected] > Kingman, AZ > *********************** > >> -----Original Message----- >> From: David W. McSpadden [mailto:[email protected]] >> Sent: Thursday, February 18, 2010 7:59 AM >> To: NT System Admin Issues >> Subject: Re: CISCO VPN Client >> >> They change every 20 or 30 hits. >> Mostly out of country. >> I started by setting up rules to block them but then I had >> about 100 rules to block and it became an all day job. >> Easier to move the authorized users to AnyConnect which is >> supported and kill the VPN Client which has end of lifed anyway. >> >> >> -------------------------------------------------- >> From: "Charlie Kaiser" <[email protected]> >> Sent: Thursday, February 18, 2010 9:54 AM >> To: "NT System Admin Issues" <[email protected]> >> Subject: RE: CISCO VPN Client >> >> > Is there a way you can block the source IP(s) before they >> get to the >> > VPN endpoint? >> > >> > *********************** >> > Charlie Kaiser >> > [email protected] >> > Kingman, AZ >> > *********************** >> > >> >> -----Original Message----- >> >> From: David W. McSpadden [mailto:[email protected]] >> >> Sent: Thursday, February 18, 2010 7:45 AM >> >> To: NT System Admin Issues >> >> Subject: Re: CISCO VPN Client >> >> >> >> I have Kiwi Syslogger setup to email me every failed attempt to >> >> authenticate through the VPN. >> >> It went from 2 or 3 a day from lusers to 2500 to 5000 a >> day and all >> >> accounts I don't have in AD and all originating from the >> VPN tunnel. >> >> So disabling the tunnel didn't work, had to remove the >> reference to >> >> the tunnel entirely. Now we are back to 2 or 3 a day. >> >> >> >> >> >> From: Bob Fronk <mailto:[email protected]> >> >> Sent: Thursday, February 18, 2010 9:25 AM >> >> To: NT System Admin Issues >> >> <mailto:[email protected]> >> >> Subject: RE: CISCO VPN Client >> >> >> >> >> >> How did you discover this was happening? >> >> >> >> >> >> >> >> From: David W. McSpadden [mailto:[email protected]] >> >> Sent: Wednesday, February 17, 2010 1:30 PM >> >> To: NT System Admin Issues >> >> Subject: Re: CISCO VPN Client >> >> >> >> >> >> >> >> Ok. I am looking at that area under Remote VPN in >> Configuration and >> >> someone has my VPN Client info and they are trying a Brute Force >> >> Vocab attack to my AD's. So I have moved all my users to >> AnyConnect >> >> and I am ready to remove the VPN Client from the ASA or >> disable it... >> >> >> >> >> >> >> >> From: Jon Harris <mailto:[email protected]> >> >> >> >> Sent: Wednesday, February 17, 2010 1:24 PM >> >> >> >> To: NT System Admin Issues >> >> <mailto:[email protected]> >> >> >> >> Subject: Re: CISCO VPN Client >> >> >> >> >> >> >> >> Why are you getting rid of the VPN client? You don't >> remove it you >> >> disable it on the ASA. Just make sure all the rules are >> correct for >> >> the ASA first. >> >> >> >> >> >> >> >> Jon >> >> >> >> On Wed, Feb 17, 2010 at 1:13 PM, David W. McSpadden >> <[email protected]> >> >> wrote: >> >> >> >> >> >> >> >> Actually on the ASA. I think I have it found now but I am still >> >> testing. >> >> >> >> From: Jon Harris <mailto:[email protected]> >> >> >> >> Sent: Wednesday, February 17, 2010 12:10 PM >> >> >> >> To: NT System Admin Issues >> >> <mailto:[email protected]> >> >> >> >> Subject: Re: CISCO VPN Client >> >> >> >> >> >> >> >> Remove it is the best, they install into the same root directory >> >> under Program Files but have separate directories under >> that. They >> >> are separate programs as Microsoft sees them. >> >> >> >> >> >> >> >> Jon >> >> >> >> On Wed, Feb 17, 2010 at 8:07 AM, David W. McSpadden >> <[email protected]> >> >> wrote: >> >> >> >> Anyone point me on how to Disable the old CISCO VPN Client >> and leave >> >> the AnyConnect still enabled? >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> > >> > >> > ~ Finally, powerful endpoint security that ISN'T a resource >> hog! ~ ~ >> > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> > >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource >> hog! ~ ~ >> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
