Resumen del contenido incluido en la página 1 
                    
                        Release Notes for VPN Client,
Release 4.0 through Release 4.0.5.D
CCO Date: December 6, 2004
Part Number OL-5450-10
Note You can find the most current documentation for the VPN Client at
http://www.cisco.com or http://cco.cisco.com. These electronic documents may
contain updates and changes made after the hard copy documents were printed.
These release notes support VPN Client software Release 4.0 through
Release 4.0.5.D. These release notes describe new features, limitations and
restrictions, c
                    
                    Resumen del contenido incluido en la página 2 
                    
                        Contents Installation Notes, page 5 New Features in Release 4.0, page 11 Usage Notes, page 14 Open Caveats, page 37 Caveats Resolved in Release 4.0.5.D, page 59 Caveats Resolved in Release 4.0.5.C, page 60 Caveats Resolved in Release 4.0.5.B, page 60 Caveats Resolved in Release 4.0.5.A, page 61 Caveats Resolved in Release 4.0.5, page 62 Caveats Resolved in Release 4.0.4.D, page 63 Caveats Resolved in Release 4.0.4.B, page 65 Caveats Resolved in Release 4.0.4, page 67 Caveats Resolved in Release 
                    
                    Resumen del contenido incluido en la página 3 
                    
                        Introduction Documentation Feedback, page 96 Obtaining Technical Assistance, page 96 Obtaining Additional Publications and Information, page 99 Introduction ® ® The VPN Client is an application that runs on a Microsoft Windows -based PC, a Sun ultraSPARC workstations, a Linux desktop, or a Macintosh (Mac) personal computer that meets the system requirements stated in the next section. In this document, the term “PC” applies generically to all these computers, unless specified otherwise. The VPN 
                    
                    Resumen del contenido incluido en la página 4 
                    
                        System Requirements Computer Operating System Requirements ® ® Computer with a • Microsoft Windows 98 or • Microsoft TCP/IP installed. ® Pentium -class Windows 98 (second edition) (Confirm via Start > Settings > processor or Control Panel > Network > • Windows ME greater Protocols or Configuration.) ® • Windows NT 4.0 (with Service • 50 MB hard disk space. Pack 6, or higher) • RAM: • Windows 2000 – 32 MB for Windows 98 • Windows XP – 64 MB for Windows NT and Windows ME – 64 MB for Windows 2000 (
                    
                    Resumen del contenido incluido en la página 5 
                    
                        Installation Notes Installation Notes Because of platform differences, the installation instructions for Windows and non-Windows platforms also differ. • Refer to the VPN Client User Guide for Windows, Release 4.0, Chapter 2, for complete installation instructions for Windows users. • Refer to the Cisco VPN Client user Guide for Mac OS X, Chapter 2, for complete installation information for those platforms. The following notes are important for users who are upgrading to Windows XP and users who
                    
                    Resumen del contenido incluido en la página 6 
                    
                        Installation Notes • jp (Japanese) To force an English only language install, enter the following command: msiexec /i vpnclient_setup.msi To force a Canadian French language installation, enter the following command, all on the same line: msiexec /i vpnclient_setup.msi TRANSFORMS=vpnclient_fc.mst;vpnclient_help_fc.mst To force a Japanese language installation, enter the following command, all on the same line: msiexec /i vpnclient_setup.msi TRANSFORMS=vpnclient_jp.mst;vpnclient_help_jp.mst Overr
                    
                    Resumen del contenido incluido en la página 7 
                    
                        Installation Notes Installation Notes - Windows Platforms In addition to the installation considerations for Release 4.0.3, Release 4.0.x includes the following installation considerations for Windows users: Installing the VPN Client Software Using InstallShield Installing the VPN Client software on Windows NT, Windows 2000, or Windows XP with InstallShield requires Administrator privileges. If you do not have Administrator privileges, you must have someone who has Administrator privileges insta
                    
                    Resumen del contenido incluido en la página 8 
                    
                        Installation Notes “Cannot find the file instmsiw.exe (or one of its components). Make sure the path and filename are correct and that all the required libraries are available.” -then- “Cannot find the file MSIEXEC (or one of its components). Make sure the path and filename are correct and that all the required libraries are available.” The Windows Installer (MSI) can be installed only on NT SP6, so the error messages you see using earlier service packs are due to an MSI incompatibility (CSCdy05
                    
                    Resumen del contenido incluido en la página 9 
                    
                        New Features in Release 4.0.5 Using the VPN Client • To use the VPN Client, you need: – Direct network connection (cable or DSL modem and network adapter/interface card), or – Internal or external modem, and • To connect using a digital certificate for authentication, you need a digital certificate signed by one of the following Certificate Authorities (CAs) installed on your PC: – Baltimore Technologies (www.baltimoretechnologies.com) – Entrust Technologies (www.entrust.com) – Netscape (www.net
                    
                    Resumen del contenido incluido en la página 10 
                    
                        New Features in Release 4.0.5 Group Authentication is a method that uses pre-shared keys for mutual authentication. In this method, the VPN Client and the VPN central-site device use a group name and password to validate the connection. This is a symmetrical form of authentication since both sides use the same authentication method during their negotiations. Mutual group authentication is asymmetrical in that each side uses a different method to authenticate the other while establishing a secure
                    
                    Resumen del contenido incluido en la página 11 
                    
                        New Features in Release 4.0 3. Configure a VPN Group to use the new IPSec SA from step 2. The VPN Clients under test for Mutual Group Authentication will be connecting to this group. New Features in Release 4.0 Release 4.0 of the VPN Client software includes the following new features. Virtual Adapter A virtual adapter is a software-only driver that acts as a valid interface in the system. Its purpose is to solve protocol incompatibility problems. The virtual adapter appears in the network prope
                    
                    Resumen del contenido incluido en la página 12 
                    
                        New Features in Release 4.0 Common Graphical Interface for Windows and Mac VPN Clients In Release 4.0, the VPN Client provides a consistent graphical user interface across all supported Windows operating systems and Mac OS X, recognizing that the Windows and Mac operating systems follow different conventions, and that the Windows version has additional features. The VPN Client documentation is based on this new user interface. Alerts (Delete With Reason) In Release 4.0, the VPN Client can displa
                    
                    Resumen del contenido incluido en la página 13 
                    
                        New Features in Release 4.0 Personal Firewall Enhancements In Release 4.0, the VPN Client supports Sygate Personal Firewall and Sygate Personal Firewall Pro, Version 5.0, Build 1175 and higher. Other supported features new with this release include: • The ability to enable or disable stateful firewalls from the command line. • Configurable ICMP permissions. Coexistence with Third-Party VPN Vendors In Release 4.0, the VPN Client is compatible with VPN clients from Microsoft, Nortel, Checkpoint, I
                    
                    Resumen del contenido incluido en la página 14 
                    
                        Usage Notes Enhancements to GINA Release 4.0.2 includes an improved application launch verification mechanism employed by the Graphical Identification and Authentication (GINA) dynamic-link library (DLL). This affects only the Windows NT4, Windows 2000, and Windows XP platforms (CSCeb12179). Usage Notes This section lists issues to consider before installing Release 4.0.x of the VPN Client software. In addition, you should be aware of the open caveats regarding this release. Refer to “Open Cavea
                    
                    Resumen del contenido incluido en la página 15 
                    
                        Usage Notes Windows NT Users running Windows NT 4.0 with Service Pack 4 require a hot fix from Microsoft for proper operation. This fix is available on the Microsoft GetHostByName API Returns Unbindable Address page: http://support.microsoft.com/support/kb/articles/Q217/0/01.ASP. Importing a Microsoft Certificate Using Windows NT SP3 The following problem has occurred on some Windows NT SP3 systems (CSCdt11315). When using the Client with digital certificates stored in the Microsoft certificate 
                    
                    Resumen del contenido incluido en la página 16 
                    
                        Usage Notes Wait a minute. If the PC is still not responding, press the reset button. When the PC reboots, it should not run through ScanDisk, indicating the shutdown was successful in closing all open files. This problem may occur on some PCs and not on others, and we are looking for a solution. Windows 98 shutdown has numerous issues, as can be seen the following Microsoft Knowledge Base Article: “Q238096 - How to Troubleshoot Windows 98 Second Edition Shutdown Problems” (CSCdt00729). Windows 
                    
                    Resumen del contenido incluido en la página 17 
                    
                        Usage Notes To work around this problem, do one of the following: • Be sure to disconnect the VPN Client before shutting down. If you are having problems, check your network properties and remove the WINS entries if they are not correct for your network. • Alternatively, enable “Disconnect VPN connection when logging off”. Go to Options > Windows Logon Properties, check Disconnect VPN connection when logging off (CSCdv65165). VPN Client May Falsely Trigger Auto Initiation Connection Event though
                    
                    Resumen del contenido incluido en la página 18 
                    
                        Usage Notes Network ICE BlackICE Defender Configuration Network ICE's BlackICE Defender is a traffic monitoring security product. If you properly configure it, BlackICE Defender can work with the VPN Client. You must configure BlackICE Defender for Trusting, Nervous, or Cautious mode. If you use Nervous or Cautious mode, add the public IP address of the VPN Concentrator to the list of trusted addresses. You can now configure the VPN Client to work with BlackICE Defender configured for Paranoid m
                    
                    Resumen del contenido incluido en la página 19 
                    
                        Usage Notes Adjusting the Maximum Transmission Unit (MTU) Value - Windows Only VPN Encapsulation adds to the overall message length. To avoid refragmentation of packets, the VPN Client must reduce the MTU settings. The default MTU adjusted value is 1300 for all adapters. If the default adjustments are not sufficient, you may experience problems sending and receiving data. To avoid fragmented packets, you can change the MTU size, usually to a lower value than the default. To change the MTU size, 
                    
                    Resumen del contenido incluido en la página 20 
                    
                        Usage Notes Connection Type Procedure Physical Use the SetMTU utility supplied with the Cisco VPN Client. Adapters Dial-up Use the SetMTU utility supplied with the Cisco VPN Client. PPPoE - All Windows XP only Vendors Use SetMTU PPPoE - Windows 98 EnterNet • On the main desktop, right click on My Network Places and go to Properties. The Network window opens. • Double-click the Network TeleSystems PPPoE Adapter. • On the Network TeleSystems window, click the Advanced tab, and then click MaxFrameS