Cisco SSL VPN Client, why do you hate Vista?
February 5, 2010 8:39 AM   Subscribe

Does anyone have experience with the Cisco SSL VPN Client, running under Vista/IE8?

I've got a client I'm trying to do a small freelance project for. They've given me access to their network via a VPN. To use it, you go their VPN web page (using IE 8, but that's the least of my problems), login, and it then it uses what I'm assuming is a ActiveX control to download the "Cisco SSL VPN Client".

I cannot get this to work under Vista (SP2). I've been able to get it to work under a XP VirtualMachine (with a linux host, of all things), but my laptop dual boots Ubuntu & Vista. The only help I've found (here) suggests Vista isn't supported with IE7, but since I've gotten IE8 to work I'm assuming the problem is Vista.

The sysadmin at this company (who I'm doing this project for, as well) apparently looked into it and told me nope, Vista's not supported. That's as far as we've gotten.

I can't believe there isn't a workaround. Vista's been around for 3 years now! I'll even try my netbook (Win7), but I can't work on that for any period of time so it's not a good solution.

Worst case scenario I'll use an XP VirtualBox VM under Vista, but I can't believe that's the solution -- there has to be something better than that.

I realize this is a one of those overly technical questions that don't always do so well here on AskMeFi, but I figure it couldn't hurt to see if anyone had any ideas at all, or even better googling skills than I have. Thanks in advance!
posted by cgg to Computers & Internet (5 answers total) 1 user marked this as a favorite
If it's the same type of Cisco SSL VPN client we use at work (and from a very quick Google search, it does appear to be), then there's no way we've found to make it work with anything newer than XP.

Well, to be more specific, anything you can access through the http proxy portion of it will work, but they may not be using that (and it tends to break with a lot of things, like Outlook Web Access).

But when you try to run the little Java applet that makes remote servers accessible directly via TCP connection, that applet can't do its thing on newer OSes. It works by opening ports locally and then adding entries your hosts file to make server names resolve to various localhost IP addresses.

As far as we can tell, Vista and Win 7 have added some security so that apps can't hack your hosts file any more, so name resolution doesn't work. Since it's not being actively developed by Cisco any more, we don't expect this to ever get solved.

You might be able to make it work anyway if you can figure out entries to add to the hosts file manually, but we figured that was pretty unreasonable to expect our users to be able to do that. So we're moving to other VPN connectivity solutions instead. For a while we were looking at XP under VirtualBox too, and it works fine for this.
posted by FishBike at 8:52 AM on February 5, 2010

I'm running the AnyConnect VPN Client (version 2.4.0202) on Win 7. It's the 64-bit version. I don't know if there's a different version number for the 32 bit version. I installed it manually, can you get the client and the connection info and do that?
posted by IanMorr at 9:20 AM on February 5, 2010

You can also try to run IE under the "Run as Administrator" feature. It's in the right click context menu. I'm not sure if this will pass proper administrative rights on down to the applet, but it's worth a try. I've never used the client you're talking about, but this little trick has saved me from old software time and time again.

It's also worth noting that you really shouldn't run IE like that on the open internet.

It's also worth noting that this Mac user/Linux admin thinks the answer to all Windows problems start with right clicking something.
posted by advicepig at 9:21 AM on February 5, 2010

try QuickVPNPlus
posted by pyro979 at 11:57 AM on February 5, 2010

ShrewSoft VPN Client is free, can directly import the Cisco .pcf files, and works on Vista and Win7, 32 and 64 bit.

Haven't used it personally but several friends say it works great.

Also is an open-source command line client.
posted by SpookyFish at 12:56 PM on February 5, 2010

« Older But its a deduction on the list YOU gave me!   |   This show taught me about making pro and con lists... Newer »
This thread is closed to new comments.