Windows 7 64 bit VPN Client – ShrewSoft
Ok, so I couldn’t get Cisco’s VPN client to work for Windows 7 64 bit. So I went in search of another VPN solution that would be more compatible.
(UPDATE: I got ShrewSoft’s VPN Client working, so keep reading down below.)
I came across ShrewSoft’s VPN Client a while ago, but it originally blue screened my Windows 7 box, but it was a version that didn’t support Windows 7. However they have a new version that is out that is for Windows 7 64 bit. Actually they now have a release version on their download site but there is a beta of the next version (Update 3/05/2010)2.1.6-beta-6 that your may want to use (or a later version if you are reading this well after I wrote or updated it). See the comments on why.
I installed it and it requested a reboot so I rebooted, and the first good news is that I didn’t blue screen when my workstation booted up. Horray!!!
After installing, I tested undocking my laptop from its docking station and then docking my laptop, and again, no blue screens, so I think it is good to go. Now I just have to figure out how to configure it to connect here at work.
I like the license, they say:
Stay tuned for more testing….
Ok…I am back for more notes.
At work we are using a Cisco VPN solution, so it turns out that when my Cisco VPN would install on a 32 bit machine, it used a .pcf file. Well, guess what is awesome about ShrewSoft’s VPN Client? It can import a .pcf file.
I imported the .pcf file and I appear to connect, then disconnect. Not sure what is going on. I am at work, but I should be able to connect to the VPN while at work, at least that is what my IT staff said.
So hopefully it connects when I am at home.
Here is my log:
configuring client settings …
attached to key daemon …
peer configured
iskamp proposal configured
esp proposal configured
client configured
local id configured
pre-shared key configured
bringing up tunnel …
network device configured
tunnel enabled
session terminated by gateway
tunnel disabled
detached from key daemon …
I will try to debug later…
All right I am back again and I am trying to debug.  I found this post:
http://lists.shrew.net/pipermail/vpn-help/2009-October/002282.html
There is a program under Start | All Programs | Shrew Soft VPN Client called “Trace Utility” that is installed with the Shrew Soft VPN Client can be used for debugging. However, it wouldn’t work for me. The buttons weren’t enabled.
I had to right-click on the “Trace Utility” shortcut and choose “Run as administrator” then I was able to turn on debugging.
Positives for Shrew Soft VPN Client
– It has a debugging utility.
– It supports Windows 7 64 bit
– It imports cisco .pcf files.
– There is a lot of documentation.
Negatives for Shrew Soft VPN Client
– I don’t have it working yet
– There is not really any clear failure reason for a user.
So I will keep at it. I think I am about going to email the developer, but I sure don’t want to bug him.
Hopefully for some of you, it worked first time for you when you imported the .pcf file.
Got it working
Another positive.  The developer has a mailing list, as you saw with one of my links above.  I found this link:
http://lists.shrew.net/pipermail/vpn-help/2009-October/002275.html
The key piece of information I needed was this:
In the tool, after importing my .pcf file, I only had to make one configuration change. I had to change the PFS setting to “group 2”. See this screen shot.

So I have this working now.
I have to say that I am very impressed with Shrew Soft. It took me some time to figure it out, but it works. Now the only question time will tell is how stable it is. Expect an update in a week or two about whether I think the Shrew Soft VPN Client is stable.
The steps are easy for me to connect to my VPN at work. Now every VPN is different so I am sorry if these steps don’t work for you:
- Use the correct (and latest) version: 2.1.6-beta-6 or later
- Install Shrew Soft VPN Client
- Reboot.
- Import the .pcf file.
- Modify the configuration and change the PFS setting to “group 2”.
- Apply the configuration.
- Click connect.
- Enter your domain user and password and you will connect.
Success!!!!
Also, I exported my configuration as a Shrew Soft VPN Client export, which is a .VPN file. When I import it, I don’t have to make a configuration change like I did with the Cisco .pcf file.
Key words: cisco vpn window 7 64 bit


Welcome to the world of adult Dating loveawake.ru
glouces
blog topic
[…] PDF File Name: Windows 7 64 bit vpn client – shrewsoft | rhyous PDF Source: www.rhyous.com Download PDF: Windows 7 64 bit vpn client – shrewsoft | rhyous […]
[…] PDF File Name: Windows 7 64 bit vpn client – shrewsoft | rhyous PDF Source: www.rhyous.com Download PDF: Windows 7 64 bit vpn client – shrewsoft | rhyous […]
[…] Windows 7 64 bit VPN Client – ShrewSoft | Rhyous – Stay tuned for more testing…. Ok…I am back for more notes. At work we are using a Cisco VPN solution, so it turns out that when my Cisco VPN would install on a 32 …… […]
[…] Windows 7 64 bit VPN Client – ShrewSoft | Rhyous – Ok, so I couldn’t get Cisco’s VPN client to work for Windows 7 64 bit. So I went in search of another VPN solution that would be more compatible…. […]
Fantastic web site. Lots of helpful info here. I am sending
it to several pals ans also sharing in delicious. And naturally, thank you for
your sweat!
When you purchase services or goods online with Paypal, and the vendor steals your cash or sends you merchandise or software that does not meet your demands,
then you can obtain your money back through Paypal in less than 24 hours.
It makes sense to be cautious and take your time when jailbreaking so as
to avoid any problems. As with anything popular, there are typically
folks that make an effort to get users to install fake jailbreaking software and apps, which means you have t
be careful nearly the apps you use for jailbreaking and be
careful on the subject of the free apps you decide to download as
well as install found on your iPhone.
One site has a workaround to get Candy Crush on Kindle Fire HD, which requirers some side-loading of
a third party app on the tablet. She brings years of experience as a small business consultant to helping prospective clients understand the ways in which a website may benefit them both personally and professionally.
From there you can check ‘delete all’ to remove all unwanted e-mails.
[...] Windows 7 64 bit VPN kliense. Ezzel viszont az volt a baj, hogy körülményes a beállítása és az eddigi próbálkozások sorra kudarcba fulladtak. De sikerült felkutatni a megoldást. Nem részletezném túlzottan, aki VPN klienst használ, [...]
I use version 2.1.7 and it works great with 1 exceprion. It locks out everyone from web access when I turn it on and then keeps the lockout when I release it from a wireless connection. Any clues would be helpful. I'm not entirely sure it not a router settings. I'm using wireless from a Verizon fios router. I don't think the same symptoms happen from wired connections.
Yes, works for Windows 2008. very impressed. Just changed to group 2. No Cisco VPN clients working at the mo. this is so awesome
worked for me on windows 8. thanks you so much!
Hi,
Im getting below error, please help me to fix this.
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
client configured
pre-shared key configured
bringing up tunnel ...
negotiation timout occurred
tunnel disabled
detached from key daemon ...
Thanks,
Have been using the Shrewsoft client (2.1.7) for a while on Windows 7 and Vista quite reliably - though it cant hadle the PC going to sleep (you need to restart the Shrewsoft services to get it going again).
What I've recently found is that Win-7 64-BIT with Service Pack 1 it breaks it - no traffic leaves the PC. Upgrading to the latest Beta 2.2.0 cures the issue but this release does start to fragment the VPN packets on Phase 2 so if your firewall is set to block fragmented packets it will block the VPN - the cure is to allow fragmented packets on the firewall (if you have set to block those).
After struggling to get passed SA failures on Phase2, I was able to display the"statitics" from the system tray icon of my Cisco VPN connection(from a another PC) and correctly modify my HMAC and Transform Algorithm settings. Previously I used the Shrew VPN Trace utility, "SA tab" to check for 2 "mature" connections. If they say LARVAL and disappear, your phase 2 settings are wrong.
I agree with tchildy. I'm running Win7 Ultimate x64 (on a Macbook Pro using Boot Camp, no less) and with the 2.1.7 stable release it would work on wired connections but not wireless no matter what I changed, but the 2.2.0 beta release "just worked" with wireless, no problems at all.
Thank-you! I too only got to the tunnel enabled point... the phase 2 connection setting change did the trick for me!
Thank you.
That´s a good trick for me too.
Good Info here. I use Shrewsoft and it connects and seems to work fine. However the network connection on shows 10Mbps. How can I get it faster?
Thanks tchildy! I got stuck at the same point: Shrewsoft VPN Client works like a charm to connect to our IPCop VPN-Gateway using IPSec from 32Bit Windows machines. But on Windows 7 / 64Bit it would only use the wired but not the wireless adapter. So I installed the latest beta which is 2.2.0-beta-2 right now. But for me now nothing works anymore. When connecting, Shrewsoft Client is not accepting the password that is needed to decrypt the PFCS12 Certificates. Any ideas?
This site was very helpful, but http://www.shrew.net had the answer.
My Problem: The Shrewsoft VPN client worked great for me on Win7 64bit when wired. When wireless it did not work. I tried the suggestion at the top of changing Group 2 (didn't help).
Prem said "Disable "Microsoft Virtual WiFi Miniport Adapter". I couldn't find that adapter.
Then I found the Shrew.net article at their support site. The wireless issue was a known problem with 2.1.7 at Prem said and he had the fix. Client 2.2.0 fixes this. 2.2.0 wasn't gold code yet, but I installed 2.2.0 beta 2 and everything is working for me...wired and wireless. Thanks guys for your help. I will be 'donating' to Shrew.net.
Same issue: wired works, wireless did not. Installed the 2.2 A/B/RC and all worked fine! Thanks for the suggestion.
Great man, I was already having an endless arguing with our Customers in mind to have them change their VPN policies, but changing the setting as described worked like a charm for me!
I have tried to import a .pcf file and i m trying to connect. The tunnel is enabled but established = 0. The trace utility shows the below error. Please help
11/04/16 16:04:12 !! : peer violates RFC, transform number mismatch ( 1 != 13 )
11/04/16 16:04:12 !! : invalid private netmask, defaulting to class c
It worked for me - note: I only had to update the ShrewSoft's VPN client - so *no* change in settings! Many thanks!
Thanks, you saved my day, worked perfectly without any tweaking.
Fresh install of Windows 7 64 bit. I can connect using Shrewsoft Access Manager 2.1.7, but cannot do anything with the client site. I tried remote desktop to a server and it does not seem to find it. I tried pinging the server while connected on VPN with no luck. It is as though I can connect, but that's it. I don't have remote desktop capabilities and cannot ping machines with IP addresses since maybe the VPN DNS doesn't contain the server names. Worked fine until Windows 7 came into play. Arrgh! Any sssistance would be greatly appreciated.
Thanks.
J. T.
same to me, tracked down to the Default gateway which is 0.0.0.0, in stead of the same as my IP number.
somebody fixed this already??
I', using the latest release (2.1.7).
I had the same problem and got the remote desktop working by disabling NAT Traversal under Shrewsoft VPN Access Manager -> Options -> Client -> Firewall Options. I was using 2.2.0 beta-1 version of Shrewsoft.
Sam
Thanks Sam.
Your solution worked perfect !! 🙂
my friend can you help me how to set-up this shrewsoft?i don't know where to get this .pcf file and i also don't know what .pcf is.can you pls help me with this.i live here in saudi arabia and most of the sites are block.pls email me if you have something that can help me..thanks is advance..(tantmeux@yahoo.com)
You don't need a PCF file. A PCF file is a configuration file for a Cisco VPN client. If you already had a Cisco VPN client working on XP, you can export the PCF and ShrewSoft can use it to get the configuration needed.
If you don't have a PCF file, and your VPN admin cannot get you one, then you need to talk to your VPN administrator to get the settings needed. If you cannot talk to your VPN administrator, then you are left guessing.
I got 2.1.7-stable release and installed on a brand new win7 64 bit professional. When I rebooted it, it shuts down my intel wi-fi connection. However my wireless connection was still available and I am able to browse without any issue.
Started the access manager (vpn client), imported my cisco profile and hit connect. Surprise, it connected without any issue. (I was hoping to see atlease one issue, but it surprised me.)
The cool thing is, it connected with the Cisco RSA VPN gateway with my softtoken with out any issue. (The IBM fingerprint access manager saved this authentication in its profile as well).
Now, I can get to my office system much faster than XPMode based cisco vpn client.
My only other question is, 'How to make the shrewsoft client as a windows taskbar icon like cisco client does?' I think, I should read the shrewsoft faq to figure this out.
Thanks
Using V2.1.7 and importing Cisco PCF works fine for me.
Under Win7 x64 cable Connection is ok, but via WLAN cant create tunnel.
Any suggestions?
Email you hardware/os and info to the shrew soft mailing list.
Check that the ShrewSoft IPSEC Daemon Service is started.
I came across a link to your site from Toms hardware I believe it was. I was looking into VPN's. However I'm a complete noob at least with this software in particular.. and it seems like all others are not free. I am running windows 7 64bit.. so I figure the best person to ask might be you since you got this working. Now don't laugh... Once you install ShrewSoft’s VPN Client ... what do you do?
Okay I realize there are installed components, access manager and the trace component. I was trying to play around with the manager and was baffled as to what I use as a host or IP... I'm assuming you have something like a proxy server it connects to? This is something you need to obtain (how? where? uhhh...)... or does this software create a list for you? Well, none the less I didn't get it working but I was very curious if it is possible. I am just a home user, so this isn't business related. I haven't really played with software like this enough to know what I am doing or what I need before using it may be useful. Any thoughts or help would be appreciated. 🙂 Maybe is a home user dummy's guide.
P.S. I used to be fairly competent at one point.. at least managed to run red hat Linux back when I was 12 and how I have no freaking clue about anything these days.. go figure.
Hello
i am using the version Version 2.1.6 i made the change that you recomend in PFS exchange --> phase2 but i receive the follow error i am using Windows 7 Home premium 64 bits
config loaded for site 'australia-sydney-nsnvpn1.pcf'
configuring client settings ...
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
client configured
local id configured
pre-shared key configured
bringing up tunnel ...
network device configured
tunnel enabled
session terminated by gateway
tunnel disabled
detached from key daemon ...
thanks a lot for your help
i have installed 2.1.5 , imported my pcf and can connect to my work but I can't browse my network anyone else have this occurred?
running windows 7 64-bit. Downloaded 2.1.5, imported pcf file used with my cisco vpn client... others at work connecting thru the same vpn gateway have been able to successfully connect with no changes to their pcf options. However, i get connected and then get the "session terminated by gateway tunnel disabled detached from key daemon" message. tried changing the phase 2 PFS exchange to "group 2" as suggested in other posts, but session still terminated. downloaded the 2.1.6 beta version as some have said corrected the problem, but got same result. any other suggestions? does it make sense that co-workers are able to use their cisco pcf file which is identical to mine and have success?
sorry...i'm using 2.1.6 beta 8
Downloaded 2.1.5 beta 8, followed the steps, but it wouldn't get past the "session terminated by gateway" error. After seeing that some had success with disabling the "Phase 2" PFS setting, that also worked for me. I was able to stay connected and map network drives. My only issue now is that I cannot connect to a secured remote desktop through this VPN connection. I work for a Hospital and our software is through an ASP which is locked down to allow only connections from certain IP addresses. I've never had issues before when I used to connect from a 32 bit system with Cisco's VPN client. Anyone have any suggestions?
Thanks
Default settings (auto for PFS) works for me. Thanks.
Thanks a lot! You saved me a lot of time and frustration. In case anyone is interested I got mine working by changing the PFS setting to “disabled″
Thanks, the PFS Exchange setting fixed this for me as well!
OS: Windows Server 2008 R2 64 bit.
I had the 2.1.5 release build and it worked fine until I tried it with a RSA soft token. Found this article and tried the 2.1.6-beta-8 stable dev build, based on some comments above. Voila! Thank you all!
I have downloaded version 2.1.5 of Srewsoft VPN client and trying to coonect from home - win XP to work where recentlu updated my pc to win 7 64-bit. I have used before Cisco client that i have uninstalled now. I'm getting this error message
.....
local id configured
pre-shared key configured
bringing up tunnel...
gateway is not responding
tunnel disabled
detached from key daemon
.............
how to enable group authentication here ?
i am using nortel and in my win 7 its not working.
Can u please guide me what all settings i need to do.
My group is Group A and my log says the same to other cases:
session terminated by gateway
tunnel disabled
detached from key daemon …
I've changed all group in phase 2.
Many thanks for your kind help, guys.
I have tried multiple previous versions as well as the latest 2.1.6-beta-7 version and I still get a timeout. I also fiddled with PFS Exchange, but no success. I am on a local WiFi and I am able to connect to my VPN, I get a welcome message, but after 3-5 seconds I get disconnected with the following messages:
session terminated by gateway
tunnel disabled
detached from key daemon ...
Any help would be highly appreciated, please.
Try the Cisco 64 bit beta that is now available ( better way late than never ).
It works just peachy! You need a login at Cisco site to get this download.
47.I have installed the 2.1.7 beta 7 but connecting through wireless (internet works, vpn doesn’t) doesn’t work i still get a timeout. When i use my wired network i have no problem. Any suggestions?
I have installed the 2.1.7 beta 7 but connecting through wireless (internet works, vpn doesn't) doesn't work i still get a timeout. When i use my wired network i have no problem. Any suggestions?
I have a windows 7 64 bit just tried 2.1.6 beta 7 and still get blue screen on instal and first attempt to uninstall. I have admin privileges. Get message on uninstall "interface pointer to vfh possible cause incrrect function" and "correspond inf file in the drive store could not be found" Any ideas?
Cisco IPSec VPN Client - 5.0.7 BETA - Win7 64-bit support
Start64!Cisco has a beta version of the IPSec VPN Client out, version 5.0.7 BETA (vpnclient-winx64-msi-5.0.07.0240-k9-BETA.exe) available for download. It appears they got the message about the need for a 64-bit version of the IPSec client for Windows 7! It is available for download on CCO but requires a valid CCO login and current contract to get the code.
Thanks to www.start64.com -- http://www.start64.com/index.php?option=com_content&task=view&id=4320&Itemid=55
Well, they have already missed the boat for us. We have ShrewSoft VPN in our image and it is stable and working. We are not going to make a change to a beta.
The Group2 change worked for me as well. Thanks for putting in the effort and publishing.
I have to throw the shrew guys a few bucks as well.
Great work! Thank you for your time in putting this together. I imported the pcf file and it worked straight away.
Cheers,
Carlos
I'm running Windows 7 Enterprise x64. I just wanted to let everyone know that I had the same problems as rhyous. I also downloaded 2.1.6-beta-7. I tried my connection again and it connected without the "session terminated by gateway" message. However, I could not ping any of the servers on the network. I changed "Phase 2 - PFS Exchange" option to "Disabled" and everything is working perfectly now. This is the only alternative (in my opinion) to the cisco client for Windows 7 x64.
Hi Rhyous:
I was fowarded a link to your site this morning. I had given up on vpn on x64 from my vista x64 days (because of cisco nsane decision of not continuing to support the product on x64) and currently use a Sun Virtualbox vm running cisco VPN Client and share its connection with the Windows 7 x64 Ultimate.
At first I followed your directions with the beta7 build and they didn't work for me (everything installed fine but couldn't connect). My company uses group authentication setting in the client so after I changed the Authentication as follows:
. Modify the *.pcf with the following settings:
- change Authentication - Authentication Method to Mutual PSK
After that I was able to successfully connect 🙂 haven't tested it thoroghly but it seems to be working so far.
Thought I would share this with anyone else having the same problem.
Thanks works perfectly! 🙂
Cheers for the tutorial. I'll be testing this at my work for our 64-bit clients..
Just thought I would mention that ShrewSoft is now on our official W7 64 bit corporate image in my company. We feel it is enterprise quality and enterprise stable. We had two issues and both have been resolved by mailing to developers mailing list and reporting the issues. The fixes were made in as timely a manner as if we had paid for support.
http://www.shrewsoft.com/support
Here is the contents of a response from one of the Developers to an email I sent to ShrewSoft's mailing list:
...
All,
I just posted 2.1.6 beta 6 on the download page. While investigating the suspend resume problems, I noticed some other issues that are now
corrected. This includes a bug that prevented the daemons from handling
device handle error conditions gracefully. In particular, when the
filter driver unloaded, device handles were not being closed correctly.
This prevented the drivers from unloading unless you closed all apps and services manually. Even worse, the ike daemon would enter a high
utilization loop consuming 100% CPU and never re-open its handle. These
issues have now been resolved.
The other notable change was for the filter drivers to avoid problems
related to the Transparent DNS Proxy Daemon. The Shrew Soft client can
now be installed on the host computer along with VMWare or VirtualBox,
and no longer interferes with guest VM's DNS traffic. This should make
quite a few people happy since its a very commonly reported issue.
....
Thanks again to the ShrewSoft developers for a timely resolution to the VMWare issue listed here:
http://rhyous.com/2010/02/01/shrewsoft-vpn-proxy-services-blocks-dns-requests-for-vmware-workstation-guests/
Thanks a lot for your help,
I could connect to customer vpn with version 2.1.6 beta 4
Best regards from Vietnam
Minh
has anyone found a solution for no internet after reboot? windows 7, 32 bit and i have tested 2.1.5 and 2.1.6 beta 4. i can only connect to internet after rebot by turning off the Shrew Soft Lightweight filter in wireless connection properties.
this is the same issue i believe as post 15.
i really need to get a vpn client to work with 7 and this is the closest one i have found other than this little wireless glitch
Thanks a lot!!! I had ShrewSoft installed on my PC before, but just couldn't get it going; switching to "group 2" also solved my problem!
Best regards from Germany,
Sascha
You just saved my day - thx.
Hi all,
I have just got Shrew Soft to work with my windows 7 64-bit system (professional) on a Asus Notebook UL20A and thought I'd comment as it seens like many others are having similar problems to me. (Please note I'm working at the limits of my IT knowledge here and may not describe everything correctly, feel free to ask more questions.)
I got the Shrew Soft v 2.1.5 from my workplace as they use Cisco normally but this doesn't support windows 64 bit. (Apparently, in a workplace of thousands, no-one has yet used 64 bit !!! but the incompetence of our IT support for another day). Installation ran smoothly, I imported the Cisco .pcf file ok. Although I could apparently connect to the VPN system, it would drop out quickly afterwards, also I couldn't map my workplace network drives (I was running a separate logon script for this).
At work, using my laptop to connect to the wireless network there, then connecting to VPN with Shrew Soft and running the logon script worked, although i noticed it dropped out quickly.
I use internet wirelessly at home (DLink router) and as I could make VPN work at my workplace, I thought my home internet setup was the problem. But I had Cisco VPN running on an older laptop with windows XP (32 bit) and VPN worked perfectly, with the same internet setup (and same internet security program).
After much tinkering (turned off internet security, windows firewall already off, opening ports on the router, changing PFS setting to 'group 2' as rhyous did above) still no luck making the Shrew Soft /logon script thing work.
But I just downloaded and installed the latest beta Shrew Soft version (2.1.6 beta 4) and works perfectly. 15 min later I am still connected.
I don't understand the difference between the versions but it works, and this has made my day!
Thanks all on this page for your suggestions, it has made me persevere and now it works!
Hi everyone, I am using windows 7 64 bit Home Premium. I installed 2.1.5-release, rebooted the system and imported the .pcf file (this file was found in a directory where I tried to install cisco vpn client but ended without success). But while importing it says that the configuration uses RSA authentication method and so I need to add a certificate manually to complete the configuration. Where can I get the security certificate for this ????
Thank you!
Thank you Dr Dred for your comment. I was also not successful with any of the suggestions. Tried 2.1.6-beta-4 after reading your comment and it just worked after importing my pcf file - no tweaking of settings required.
Thank you for the guide. Quick question thguoh, currently i have setup RRAS on server 2008 R2 and have configured a policy to allow domain users. People are able to vpn in over PPTP just fine. Will i be able to use this guide to have a secure vpn? The goal is to get off of pptp becaue its unsecure. Will this guide work for me as a secure vpn alternative?thank you for your time,Saif
On Windows 7 64-bit, I had the same issue but Phase 2 settings did not fix it. 2.1.6-beta-4 client did! Left all Phase 2 settings as defaults and it worked without any immediate disconnect.
Thank you for a great product and continually improving it.
For the "Session terminated by gateway" issue, try setting PFS Exchange in phase2 settings to disabled. Worked for my after trying many different things. I got the clue from here...http://lists.shrew.net/pipermail/vpn-help/2009-August/002138.html
I found an incompatibility with VMWare Workstation Guests that you all should know about:
http://rhyous.com/2010/02/01/shrewsoft-vpn-proxy-services-blocks-dns-requests-for-vmware-workstation-guests/
There is a simple fix/workaround so no worries. I haven't really tested what happens when using VPN with the solution applied but time will tell.
I’m using the beta 2.1.6-beta-3, and import profile, did not change anything, it works! I will spned need more time to test the liability.
Thanks a lot , it save my 64bit win7, otherwise I will continue use windows xp because VPN.
Great Post. Helped me a lot. I had the same wireless issue, but using 2.1.6 Beta 3 and i can connect. all works seamlessly with the pcf file.
Thanks for the post. You are a life-saver (or should that be maker-easier 😉 )
Col
I did the steps provided on this site. I even tried all other steps taken by other users. Still, I can't get passed this error:
config loaded for site 'AT&T Home VPN Fairfield CA.pcf'
configuring client settings ...
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
client configured
local id configured
pre-shared key configured
bringing up tunnel ...
network device configured
tunnel enabled
session terminated by gateway
tunnel disabled
detached from key daemon ...
I'm using the beta 2.1.6-beta-3 but I'm still getting the "session terminated by gateway" error...
I have no experience in this area and was wondering what I should try and if anyone can assist me?
Thanks in advance
On Win7 x64 under 2.1.5 release, Shrew has connected to the majority of my PCF files I was utilizing.
However, connections to Cisco's VPN (the company itself, which I assume uses their own top-of-the-line VPN gateway products) was failing after initial successful connection. I was immediately getting "session terminated by gateway" as detailed here. The timing pointed to a Phase2 issue but switching the Phase2 PFS setting did nothing.
Upgraded to 2.1.6-beta-3 release, and switched off Client | Enable Dead Peer Detection, and it is now is connecting fine.
Great! The Cisco client doesn't work in Win7 for some unknown reasons and using this client and importing the .pcf file solved the problem perfectly.
For those who are still having issues connecting to Cisco VPN gateways, you may find this post helpful. However, please use the 2.1.6 beta 3 release as it contains a fix for a bug that crept into the beta 2 release.
http://lists.shrew.net/pipermail/vpn-help/2009-December/002572.html
Thanks, I updated the article to point to this version.
Thanks a lot! This was an incredibly helpful post, just wish it was the top google result for related queries. Way to stick it to Cisco for not providing it's customers with more options/better support! Great job!
Thx alot,
you can also import the Cisco *.pcf files - and it works perfectly.
Cheers
Hi,
Im getting below error, please help me to fix this.
attached to key daemon ...
peer configured
iskamp proposal configured
esp proposal configured
client configured
pre-shared key configured
bringing up tunnel ...
negotiation timout occurred
tunnel disabled
detached from key daemon ...
Thanks,
Selva
If you want support, you need to go to ShrewSoft's site:
http://www.shrew.net/support/
You can also send an email to their mailing list.
http://lists.shrew.net/mailman/listinfo/
Hey this worked for me on my version of windows 7 (64 bit) OS without much effort. The latest release 2.1.5-release on 5th Dec 09 has the PFS setting also in place, all I did was install, reboot, import pcf and connect. Thanks a ton since My Cisco client wasn't working either.
Thanks, I just made a post about the new release...
Hi everyone, I am using windows 7 64 bit Home Premium. I installed 2.1.5-release and imported .pcf file (this file was found in a directory where I tried to install cisco vpn client but ended without success). But while importing it says that the configuration uses RSA authentication method and so I need to add a certificate manually to complete the configuration. Where can I get the certificate for this ????
Any way to make it remember my login/password the way the cisco client does?
Not that I have seen. You should email the author with your request, it would be pretty easy to implement.
I happen to wireless connection (it work flawlessly with cable connection). While I turn off "ShrewSoft DNS Proxy Daemon" service, I can browser web but can't connect VPN.
This is a bug with wireless connection.
phu.tang - I have the same problem, wired connection it works perfectly, but on my laptop it will work until I reboot... then no web browsing until i stop dnsproxy and no vpn connections...
(Win7 64bit)
Same with me... maybe a driver issue ?
Same issue here. I had the same thought ad you phu.tang. Try to turn off the DNS proxy service but I do not see any ShrewSoft DNS Proxy Daemon in myservices.msc though :/
how did you turn off the service ?
I don't know what myservices.msc shows (maybe you are just missing a space) but services.msc shows me a list of services for ShrewSoft and the first one is the one. The services I show are these:
ShrewSoft DNS Proxy Daemon
ShrewSoft IKE Daemon
ShrewSoft IPSEC Daemon
I had the same issues with WIN7 64 bit, VPN used to work on wireless, but not anymore.
First disabling the "Shrew soft dns proxy daemon" allowed my wireless connection to see internet and the following fixed the VPN via wireless internet:
go to control panel/network and internet/network connections
Disable "Microsoft Virtual WiFi Miniport Adapter" in the list of and you will be able to connect VPN via wirelss. I think this was automatically installed by Microsoft update process recently when my VPN via wireless stopped working.
Hopefully this fixes your problem as well 🙂
You're the best!! It works flawlessly
I don't have this problem, but after install (v2.1.5-rc-5) and reboot laptop (window 7 64 bit), I can connect to network but i can't browser any website. I seem be DNS problem, anyone have the same this issue with me.
[...] The original blog post on which this guide was based (and what made it work for me) Share this post! [...]
Anyone else getting BSODs when trying to install 2.1.5-rc4 on a fresh Win7 x64 installation?
I've tried 3 times using native and compatibility settings and it always crashes when it tries to install the networking drivers.
Suggestions?
Well, email the author and ask him if he would like to debug. Since I have seen this work on so many Windows 7 64 bit workstations it is hard to not think it may only be something that occurs with your hardware or with a specific hardware driver you are loading or that is loaded by the install. Maybe the developer would love to see your dump file.
Read this:
http://www.shrew.net/support/wiki/BugReportVpnWindows
Thanks- this was a great find! I only discovered after installing 64 bit Windows 7 that the Cisco VPN was incompatible (and the built-in VPN client didn't work). This solved the problem in no time! And to think I was considering reinstalling with Win7 32 bit!
Hey THX a lot,
i was searching for this issue too. After lots of search i considered to use the integrated VPC with WINXP (which worked as well) to connect with my company.
But your rocking information to change to Group2 worked for me great. Now i'm armed with VPN XXL 😉
I tried Group 2 but I can still only authenticate but do not have the ability to ping. Checking ipconfig it shows I have no gateway, however the odd thing is the cisco vpn 32bit on xp also shows no gateway. So this may be no indication of where the problem actually resides.
Erek,
Sorry you had troubles. I have dozens of people at work using this and a thousands of people have hit this post and that is the first bad report. I wonder if there is something specific to your workstation, like a conflicting software or something. You may want to go to the developers site and maybe there is a way you can send them your details and blue screen info.
The problem with the latest version of shrewsoft was that while it didn't bluescreen during install, it caused my computer to bluescreen periodically afterwards.
Thank you very much, worked for me, without changing to Group2... You rock my world! 😉
Awesome, I had the same error, this worked for me!
Many thanks.
Thanks for the info! Worked for me with the defaults (no need to change the PFS default).
Thank you. Changing to Group2 fixed the problem for me too.