CISCO VPN Troubleshooting for Teleworkers

Today, telecommuting and flexible work place schedules have allowed the corporate workforce to be more productive. Remote access solutions coupled with VPN solutions, allow road warriors to access their corporate networks, data and other resources as needed.

During my technical support days, I often felt that users could do some troubleshooting on their own before getting on the line with their Help Desk team. Doing so would help them save time, be more efficient and of course have less dependency on their Help Desk.

Below, I have identified some common errors received by teleworkers and troubleshooting steps they may take before getting on the line with their support team.

Error 412 – Remote Host Not Responding

The Cisco VPN 412 Error is a common error received with the Cisco VPN client. This generally implies that you don’t have a valid Internet connection. You may follow these troubleshooting steps to resolve this error:

  1. Confirm whether or not you can browse the Internet. Open your command prompt window, and try pinging to different Internet sites. Try replicating the issue over any other transport (Ethernet cable, air card, Dial line).
  2. Check for any proxy settings on the network. If there is a proxy being used, clear the settings.
  3. Check for any blocked ports required for the Cisco VPN client to communicate with the concentrator. If you’re at a hotel, the hotel may be blocking the ports. Try talking to the hotel management to have this looked at.
  4. Check your Personal Firewall settings to ensure that no desired traffic is being blocked. Try turning off your Personal Firewall.
  5. Open the Cisco VPN profile in a VPN profile editor to change the setting ForceKeepAlive=0 to ForceKeepAlive =1
  6. Ensure that NAT-T/TCP in your profile is turned on. (Port 10000 in your firewall must be unblocked, or turn the firewall off temporarily).
  7. Check with your technical support to confirm that the concentrator you’re trying to reach is in operation. Try connecting to another concentrator (if applicable).

Error 403 – Unable to contact the security gateway

This error indicates that the Group ID and/or Group Password may be wrong in the Cisco VPN connection profile. If you know the correct Group ID and Group Password for the Cisco VPN profile, right-click on the connection profile and choose Modify. This will open the Authentication tab, and the Group Authentication text boxes will be displayed below

If you do not know the correct Group ID and Group Password, contact your local system administrator for further assistance.

Error 201 – The necessary VPN sub-system is not available

Error 201 on a Windows XP machine indicates that the Cisco installation is corrupted and the CISCO VPN client needs to be reinstalled. Navigate to Add/Remove Programs on your desktop, and remove the CISCO Systems VPN Client from your machine. Once the VPN client has been successfully uninstalled, install the VPN client and try connecting again. If the problem persists, contact your local system administrator for further assistance.

Error 51-Unable to communicate with the VPN subsystem

Cisco’s VPN Client error 51 is a very common error received on MAC OS’s. You may follow the below troubleshooting steps to fix this error:

  1. Reboot your MAC.
  2. Close the VPN Client window. Open a Terminal window (Applications-> Utilities-> Terminal) and enter one of the following:
  3. (For older versions)
  4. sudo /System/Library/StartupItems/CiscoVPN/CiscoVPN restart
  5. (For newer versions)
  6. sudo kextload /System/Library/Extensions/CiscoVPN.kex
  7. You will be prompted to enter a password. Enter the password and click Continue. This will stop and start the VPN Subsystem.
  8. Repair using Disk Utility.
  9. Navigate to Applications -> Utilities folder
  10. Launch the Disk Utility application
  11. Select your hard drive on the left.
  12. Click the Repair Disk Permissions button. It may take some time for repairing the Disk permissions.
  13. Quit the Disk Utility application
  14. Reboot and try to open the Cisco VPN Client again.

Leave A Reply

Your email address will not be published. Required fields are marked *