I uninstalled the client last night and re-installed, and it seems to be ok now.
From: Steven M. Caesare [mailto:scaes...@caesare.com] Sent: Friday, February 19, 2010 7:52 AM To: NT System Admin Issues Subject: RE: CISCO VPN Client +1 Altho it does tend to BSOD my Win7x64 laptop. -sc From: Anders Blomgren [mailto:chanks...@gmail.com] Sent: Friday, February 19, 2010 7:55 AM To: NT System Admin Issues Subject: Re: CISCO VPN Client An alternative is to use the client from Shrew Soft. I've used it on Win7 x64 to connect to both ASA and the older 3000. http://www.shrew.net/ -Anders On Thu, Feb 18, 2010 at 5:08 PM, Terry Dickson <te...@treasurer.state.ks.us> wrote: Not that I can help, but what issues? We still use the Cisco VPN Client and many of our machines are Win7 64 machines. Since Cisco will not make a 64bit version of the VPN Client we are looking at the anyconnect solution also. -----Original Message----- From: Ray [mailto:rz...@qwest.net] Sent: Thursday, February 18, 2010 9:48 AM To: NT System Admin Issues Subject: RE: CISCO VPN Client We're starting to see some issues with Win7 64 clients connecting. -----Original Message----- From: David W. McSpadden [mailto:dav...@imcu.com] Sent: Thursday, February 18, 2010 8:19 AM To: NT System Admin Issues Subject: Re: CISCO VPN Client The AnyConnect from Cisco uses a cert and is webbased, it is very easy to work with and the users are happy with it. -------------------------------------------------- From: "Charlie Kaiser" <charl...@golden-eagle.org> Sent: Thursday, February 18, 2010 10:14 AM To: "NT System Admin Issues" <ntsysadmin@lyris.sunbelt-software.com> Subject: RE: CISCO VPN Client > Hmmm. Yeah; that's a lot of overhead. Seems a shame to have to switch apps > because of a bad guy. That's an effective DOS attack, eh? I'd hesitate to > switch apps because I'd be afraid they'd do the same thing. But I don't > know > the AnyConnect app either. > > I seem to remember the VPN client could use certs as part of the auth. I > wonder if that feature could be utilized to block non-client access? I > haven't used the Cisco client for a year or so so I don't recall the > available options. > > > *********************** > Charlie Kaiser > charl...@golden-eagle.org > Kingman, AZ > *********************** > >> -----Original Message----- >> From: David W. McSpadden [mailto:dav...@imcu.com] >> Sent: Thursday, February 18, 2010 7:59 AM >> To: NT System Admin Issues >> Subject: Re: CISCO VPN Client >> >> They change every 20 or 30 hits. >> Mostly out of country. >> I started by setting up rules to block them but then I had >> about 100 rules to block and it became an all day job. >> Easier to move the authorized users to AnyConnect which is >> supported and kill the VPN Client which has end of lifed anyway. >> >> >> -------------------------------------------------- >> From: "Charlie Kaiser" <charl...@golden-eagle.org> >> Sent: Thursday, February 18, 2010 9:54 AM >> To: "NT System Admin Issues" <ntsysadmin@lyris.sunbelt-software.com> >> Subject: RE: CISCO VPN Client >> >> > Is there a way you can block the source IP(s) before they >> get to the >> > VPN endpoint? >> > >> > *********************** >> > Charlie Kaiser >> > charl...@golden-eagle.org >> > Kingman, AZ >> > *********************** >> > >> >> -----Original Message----- >> >> From: David W. McSpadden [mailto:dav...@imcu.com] >> >> Sent: Thursday, February 18, 2010 7:45 AM >> >> To: NT System Admin Issues >> >> Subject: Re: CISCO VPN Client >> >> >> >> I have Kiwi Syslogger setup to email me every failed attempt to >> >> authenticate through the VPN. >> >> It went from 2 or 3 a day from lusers to 2500 to 5000 a >> day and all >> >> accounts I don't have in AD and all originating from the >> VPN tunnel. >> >> So disabling the tunnel didn't work, had to remove the >> reference to >> >> the tunnel entirely. Now we are back to 2 or 3 a day. >> >> >> >> >> >> From: Bob Fronk <mailto:b...@btrfronk.com> >> >> Sent: Thursday, February 18, 2010 9:25 AM >> >> To: NT System Admin Issues >> >> <mailto:ntsysadmin@lyris.sunbelt-software.com> >> >> Subject: RE: CISCO VPN Client >> >> >> >> >> >> How did you discover this was happening? >> >> >> >> >> >> >> >> From: David W. McSpadden [mailto:dav...@imcu.com] >> >> Sent: Wednesday, February 17, 2010 1:30 PM >> >> To: NT System Admin Issues >> >> Subject: Re: CISCO VPN Client >> >> >> >> >> >> >> >> Ok. I am looking at that area under Remote VPN in >> Configuration and >> >> someone has my VPN Client info and they are trying a Brute Force >> >> Vocab attack to my AD's. So I have moved all my users to >> AnyConnect >> >> and I am ready to remove the VPN Client from the ASA or >> disable it... >> >> >> >> >> >> >> >> From: Jon Harris <mailto:jk.har...@gmail.com> >> >> >> >> Sent: Wednesday, February 17, 2010 1:24 PM >> >> >> >> To: NT System Admin Issues >> >> <mailto:ntsysadmin@lyris.sunbelt-software.com> >> >> >> >> Subject: Re: CISCO VPN Client >> >> >> >> >> >> >> >> Why are you getting rid of the VPN client? You don't >> remove it you >> >> disable it on the ASA. Just make sure all the rules are >> correct for >> >> the ASA first. >> >> >> >> >> >> >> >> Jon >> >> >> >> On Wed, Feb 17, 2010 at 1:13 PM, David W. McSpadden >> <dav...@imcu.com> >> >> wrote: >> >> >> >> >> >> >> >> Actually on the ASA. I think I have it found now but I am still >> >> testing. >> >> >> >> From: Jon Harris <mailto:jk.har...@gmail.com> >> >> >> >> Sent: Wednesday, February 17, 2010 12:10 PM >> >> >> >> To: NT System Admin Issues >> >> <mailto:ntsysadmin@lyris.sunbelt-software.com> >> >> >> >> Subject: Re: CISCO VPN Client >> >> >> >> >> >> >> >> Remove it is the best, they install into the same root directory >> >> under Program Files but have separate directories under >> that. They >> >> are separate programs as Microsoft sees them. >> >> >> >> >> >> >> >> Jon >> >> >> >> On Wed, Feb 17, 2010 at 8:07 AM, David W. McSpadden >> <dav...@imcu.com> >> >> wrote: >> >> >> >> Anyone point me on how to Disable the old CISCO VPN Client >> and leave >> >> the AnyConnect still enabled? >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> >> > >> > >> > ~ Finally, powerful endpoint security that ISN'T a resource >> hog! ~ ~ >> > <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ >> > >> >> >> ~ Finally, powerful endpoint security that ISN'T a resource >> hog! ~ ~ >> <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > > > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ > ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ > ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~ ~ Finally, powerful endpoint security that ISN'T a resource hog! ~ ~ <http://www.sunbeltsoftware.com/Business/VIPRE-Enterprise/> ~
