Table Of Contents
Release Notes for the Cisco VPN 5000 Client Software Version 5.2.1
Caveats Fixed in Previous Releases
Caveats Fixed for All Windows Platforms
Caveats Fixed in Version 5.1.7
Caveats Fixed in Version 5.1.1
Caveats Fixed for Windows 2000
Caveats Fixed in Version 5.1.10
Caveats Fixed in Version 5.1.7
Caveats Fixed in Version 5.1.1
Caveats Fixed in Version 5.0.12
Caveats Fixed in Version 5.0.12
Caveats Fixed in Version 5.1.7
Caveats Fixed for Windows 95/98
Caveats Fixed in Version 5.1.1
Caveats Fixed in Version 5.1.5
Caveats Fixed in Version 5.1.2
Caveats Fixed in Version 5.0.19
Caveats Fixed in Version 5.0.8
Caveats Fixed in Version 5.1.5
Caveats Fixed in Version 5.1.1
Caveats Fixed in Version 5.0.11
Caveats Fixed in Version 5.0.8
Caveats Fixed for Classic Mac OS
Caveats Fixed in Version 5.1.2
Caveats Fixed in Version 5.0.3
Caveats Fixed in Version 5.0.0
Caveats Fixed in Version 4.2.x
Caveats Fixed in Version 3.8.x
Caveats Fixed in Version 3.7.x
Caveats Fixed in Version 3.6.x
Caveats Fixed in Version 3.3.x
Open Caveats for the VPN 5000 Client
Open Caveats for All Windows Platforms
Open Caveats for Intel Solaris
Open Caveats for Classic Mac OS
Limitations for the VPN 5000 Client
Limitations for All Windows Platforms
Obtaining Technical Assistance
Release Notes for the Cisco VPN 5000 Client Software Version 5.2.1
March 8, 2002
These release notes provide information about the Cisco VPN 5000 client software Version 5.2.1. for all operating systems. These release notes are updated as needed to describe new and changed information, caveats, and documentation updates.
This release adds support for the new ExcludeIPNet keyword on the VPN 5000 concentrators. For more information see the "ExcludeIPNet Keyword" section.
Contents
This document contains the following sections:
•
Caveats Fixed in This Release
•
•
•
ExcludeIPNet Keyword
This section describes the VPN client support for the ExcludeIPNet keyword on the VPN 5000 concentrators.
The new ExcludeIPNet keyword on the VPN 5000 concentrators allows you to define a list of IP nets to exclude from a VPN tunnel. If you set this keyword on the VPN 5000 concentrator, the VPN 5000 client reads the data and builds a list of excluded nets. This list allows the VPN client to determine which IP nets are not tunneled.
The VPN 5000 client supports the ExcludeIPNet keyword on all operating systems.
All VPN 5000 clients that support ExcludeIPNet can connect to concentrators that do not support this keyword. VPN 5000 clients that do not support ExcludeIPNet can connect to concentrators that support ExcludeIPNet only if the keyword is not configured on the concentrator.
Caveats Fixed in This Release
The following sections describe caveats fixed in VPN 5000 client software Version 5.2.1.
Caveats Fixed for Linux
This section describes caveats fixed in VPN 5000 client software Version 5.2.1 for Linux.
•
The VPN client now creates the necessary folder /etc/Intraport Client/certificates/requests during installation and the "can't open out file" message no longer appears when you attempt to make a certificate request using simple certificate enrollment protocol (SCEP).
•
When you configure the VPN client for Solaris to exclude local LAN traffic over a PPP connection, local LAN traffic is now excluded from the tunnel.
Caveats Fixed in Previous Releases
The following sections list caveats fixed in previous releases of the VPN 5000 client.
Caveats Fixed for All Windows Platforms
This section lists caveats fixed in previous releases for the VPN 5000 client for all Windows operating systems.
Caveats Fixed in Version 5.1.7
•
When the connection from VPN client to the concentrator has been closed, you are notified by a dialog box (Figure 1) . This dialog box does not appear if you exit the VPN client by clicking the Exit or Disconnect button on the VPN client window.
Figure 1 Connection Has Been Closed Dialog Box
•
A red X applears across the globe in the system tool tray (Figure 2) when the connection to the concentrator is closed.
Figure 2 Connection Has Been Closed Indicator
•
The documentation has been updated to clarify the installation procedure for preconfigured root certificates in the oem folder.
Caveats Fixed in Version 5.1.1
•
If you are connected to a concentrator that has the PFS keyword in the VPN Group section set to any other setting than Off, the tunnel now passes traffic.
•
If the VPN client is connected and closed, and then quickly reopened, a STEP VxD error no longer occurs.
•
When the client is connected to a secondary server, the VPN client displays the correct server information in the VPN Client window.
•
The VPN client now writes an exit statement to the VPN session log when you exit the VPN client by right-clicking the globe icon on the tray. Previously an exit statement appeared in the VPN session log if you exited the VPN client using the Exit or Disconnect buttons on the VPN Client window.
Caveats Fixed for Windows 2000
This section lists caveats fixed in previous releases of the VPN client for Windows 2000.
Caveats Fixed in Version 5.1.10
•
The VPN client now passes traffic when you use it with the Novell client Version 4.8 for Windows 2000 over a dialup or DSL connection.
•
When you use the VPN client on an IBM Think Pad T22 with an Intel Pro/100 SP NIC, you can now connect to resources and pass data.
Caveats Fixed in Version 5.1.7
•
The VPN client now properly drops the tunnel when you right-click the globe icon on the system tray and select Exit.
•
When you are using a VPN client configured to use NAT Transparency Mode, the VPN client now disconnects when a VPN concentrator closes the connection.
Caveats Fixed in Version 5.1.1
•
Large file transfers no longer fail on workstations using the Intel e100bnt5.sys driver shipped with Windows 2000 Service Pack 1.
•
The WinPoET PPPoE client, Versions 2.0 and 2.1, now initiate connections to upstream PPPoE servers if the VPN client for Windows 2000 is installed on your PC.
•
The installation process no longer stops and requires user intervention when you select a language other than English during the installation process.
•
A connection is no longer denied if the VPN client is configured to encrypt passwords, and the concentrator you are connecting to has the SaveSecrets keyword set to True in the VPN Group section.
Caveats Fixed in Version 5.0.12
•
The VPN client for Windows 2000 now supports IPX traffic over dialup connections.
•
When you copy a certificate to the desktop or to the My Documents folder, the VPN client now finds the certificate when you try to import it.
•
The VPN client for Windows 2000 works with Entrust user certificates.
•
If you use suspend mode on your workstation, this no longer causes PPP connections to fail or your workstation to crash.
•
You can now establish multiple tunnels using NAT transparency behind a PIX firewall.
Caveats Fixed for Windows NT
This section lists caveats fixed in previous releases of the VPN 5000 client for Windows NT.
Caveats Fixed in Version 5.0.12
•
Inconsistent connection attempts no longer occur when you use the Auto-Connect to Default Before Logon option.
•
The VPN client no longer interferes with the Reflection XTerm display.
Caveats Fixed for Windows ME
This section lists caveats fixed in previous releases of the VPN 5000 client for Windows ME.
Caveats Fixed in Version 5.1.7
•
You no longer lose Internet connectivity when you install the VPN client for Windows ME on your PC.
Caveats Fixed for Windows 95/98
This section lists caveats fixed in previous releases of the VPN 5000 client for Windows 95/98.
Caveats Fixed in Version 5.1.1
•
When you end your VPN session using the Disconnect button, and close the VPN client window before you click OK on the new "The VPN connection has been closed" dialog box, an error message no longer appears. Previously, this only occurred if AutoConnect before Logon was enabled.
•
The VPN client for Windows 95/98 now operates when used in conjunction with AOL Versions 5.0 and 6.0. There are no longer issues with the MaxMTU setting in the registry.
Caveats Fixed for Linux
This section lists caveats fixed in previous releases of the VPN 5000 client for Linux.
Caveats Fixed in Version 5.1.5
•
When you use the VPN client in active or normal mode FTP, the FTP session no longer locks up if you are using concentrator code that is at or above Version 5.2.21or 6.0.19. Previously, this problem occurred because the VPN client could not receive traffic through sessions that it did not initiate.
•
When you use the VPN client with a dialup connection, a certificate in Manual mode no longer fails, and the VPN client can now successfully connect to the concentrator.
•
When you use the -n flag on the command line to use NAT transparency, this no longer overwrites the UseFTCP=True keyword in the configuration file.
•
The keepalive interval on the VPN client push from the concentrator now times out in the correct time frame.
Caveats Fixed in Version 5.1.2
•
The close_tunnel process no longer fails when you place the open_tunnel process into the background and enter your shared secret to receive the "Tunnel open..." message.
•
The VPN client no longer locks up due to a large number of debugging messages being appearing in the system log.
•
If you use the VPN client for Linux with RADIUS, SecurID, and a certificate, the SecurID prompt now requests that you enter the Passcode so that a connection can be established.
Caveats Fixed in Version 5.0.19
•
The VPN client no longer dumps system messages in the debugging log. Previously, a high number of logging messages caused the workstation to lock up.
Caveats Fixed in Version 5.0.8
•
The VPN client using kernel Versions 2.2.5 through 2.2.15 or later no longer causes the operating system to stop responding to console commands.
•
The VPN client now works correctly with a concentrator configured for DNS redistribution.
Caveats Fixed for Solaris
This section lists caveats fixed in previous releases of the VPN 5000 client for Solaris.
Caveats Fixed in Version 5.1.5
•
When you connect to a VPN group that has the AutoReconnect option configured, the VPN client for Solaris now disconnects from the concentrator when it is restarted.
•
When you use the VPN client for Solaris with a PPP connection in Main mode, the concentrator no longer displays a "WRONG PACKET HERE PAYLOAD=5" message and Error 256. The VPN client no longer times out because the concentrator stops attempting to make the connection.
•
When you enter the -n (fTCP enabled) flag on the command line, you enable NAT Transparency for the active session only and the UsefTCP keyword in the configuration is no longer automatically set to TRUE. To set all sessions to use NAT Transparency, manually change the UsefTCP keyword in the configuration file.
•
The VPN client now searches for a lost connection for the proper duration of time before it terminates a connection with a concentrator.
Caveats Fixed in Version 5.1.1
•
If you use the mget command while a VPN tunnel is established, you no longer lose the ability to send packets using FTP.
•
The VPN client for Intel Solaris no longer becomes inoperable when you attempt to establish a tunnel configured to use NAT transparency. Previously, this occurred using an Ethernet connection with Solaris 8.
•
Normal VPN client user accounts are now able to communicate with VPN devices over an Ethernet connection.
Caveats Fixed in Version 5.0.11
•
The Cisco VPN 5000 Solaris client now connects if you have a VPN Group defined without an IPNet value.
•
If you use an Ethernet connection to establish a VPN tunnel using SPARC Solaris Version 8, the operating system no longer stops working.
•
The VPN 5000 client for SPARC Solaris no longer tunnels all traffic when using IPNet=0.0.0.0/1.
Caveats Fixed in Version 5.0.8
•
A VPN client for Solaris that is configured to use NAT transparency now encapsulates packets in fTCP for all concentrators.
Caveats Fixed SPARC Solaris
The following caveats have been fixed in the VPN client for SPARC Solaris. They are still known issues in the VPN client for Intel Solaris. See the "Open Caveats for Intel Solaris" section for more information.
•
This problem occurred with Solaris Version 2.6.
When you configure the VPN client for Solaris with interface ipdptp0 over a PPP connection, the client is now able to establish a connection. If you configure the VPN client for Solaris with interface hme2 or -d hme2, you can establish a connection and pass traffic.
•
During installation, the VPN client now creates the necessary folder /etc/Intraport Client/certificates/requests and a "can't open out file" message no longer appears when you attempt to make a certificate request using SCEP.
•
When you issue the close_tunnel command, the VPN client now searches for a ps command to execute instead of executing the first command that resides in the directory defined in the $PATH variable.
Caveats Fixed for Classic Mac OS
This section lists caveats fixed in previous releases of the VPN 5000 client for the Classic Mac OS.
Note
Caveats Fixed in Version 5.1.2
•
When an invalid certificate is imported using the Import button on the Certificates tab of the VPN Client window, the client no longer stops working.
•
The VPN client no longer drops its end of a tunnel after a period of inactivity when connected to a concentrator.
•
The maximum segment size value for the VPN client has been reduced to 0x0550 (1360) bytes to allow a safety margin for web servers that do not reduce the maximum transmission unit (MTU) of outgoing traffic.
•
The VPN client now passes packets larger than 1300 bytes when establishing a connection using a Mac PoET PPPoE client from Windriver.
Caveats Fixed in Version 5.0.3
•
The VPN client now manages the TCP MSS value and requires the server to send properly sized packets which can be tunneled from the concentrator to the VPN client.
•
The VPN client now correctly displays the VPN Client window after you close and then reopen it.
•
When a workstation with a VPN client is connected through a tunnel, other local workstations on the network are able to ping the workstation successfully. Although a ping from a local workstation reaches the workstation, any other type of traffic from the local network is silently discarded. There are no IP security issues and it is not detrimental to the IP security or reliability of the VPN client connection.
•
The VPN client will now properly time out a connection attempt to the primary server and roll over to the secondary server if the primary server does not respond.
•
The VPN client no longer attempts to prepare or write debug statements to a file at the improper time.
•
The message which tells the user to quit all other applications during the installation process has been reworded.
•
The readme file has been changed from a text file, which can be modified by the user, to a ttro file, which cannot be modified. The release notes in the readme file have also been updated and corrected to remove grammatical errors.
•
The version number is now included as the first line in the message window of all install programs of the VPN client.
•
The VPN client Timestamp functions are no longer called at improper times (which causes the VPN client to become inoperable in rare occurrences).
•
The Mac OS no longer becomes inoperable when the concentrator sends a reset packet back to the VPN client after you have disconnected.
•
The VPN client now sends the correct minimum version information to the concentrator so that the concentrator can disallow any VPN client that does not meet the MinimumVersion variable specified by the VPN Group in the concentrator.
Caveats Fixed in Version 5.0.0
•
If you use an Apple Directory DA with the VPN client for Mac OS with NAT transparency turned on, this no longer requires that packets be fragmented before you send the packets through the VPN tunnel.
•
The Macintosh is now able to be placed into Sleep mode so that the VPN client can stay connected to a concentrator.
•
The RADIUS authentication password dialog box now correctly asks for the password instead of the username.
•
The login dialog window is no longer positioned beyond the visible portion on multiple-monitor configurations. The coordinates of the main window are now checked and adjusted.
•
The VPN client no longer conflicts with the Mac operating system due to debug facilities that remained from previous versions. Previously, this conflict caused the operating system to crash, and Macsbug could not write a standard log when the Mac OS crashed.
Caveats Fixed in Version 4.2.x
•
The VPN client now allows duplicate login names on the Configuration tab of the VPN Client window if the primary servers are different.
•
The shared key entered by a user no longer remains in the VPN client after a failed connection attempt. Each subsequent user is now prompted for a shared key.
•
An Apple laptop awakening from sleep mode no longer loses its tunnel connection from the concentrator. The VPN client now reestablishes its connections, or quits if it fails to reestablish the connection.
•
The preferences you select in the VPN Client window, such as the window position and column widths, are now saved after you reinstall the VPN client.
The following caveats fixed in Version 4.2.x are not assigned corresponding caveat numbers in the Cisco DDTs.
•
•
•
Caveats Fixed in Version 3.8.x
The following caveats fixed in Version 3.8.x are not assigned corresponding caveat numbers in the Cisco DDTs.
•
•
Caveats Fixed in Version 3.7.x
The following caveats fixed in Version 3.7.x are not assigned corresponding caveat numbers in the Cisco DDTs.
•
•
•
•
•
•
•
Caveats Fixed in Version 3.6.x
The following caveats fixed in Version 3.6.x are not assigned corresponding caveat numbers in the Cisco DDTs.
•
•
•
•
•
•
Caveats Fixed in Version 3.3.x
The following caveats fixed in Version 3.3.x are not assigned corresponding caveat numbers in the Cisco DDTs.
•
•
•
Open Caveats for the VPN 5000 Client
The following sections list known issues for the Cisco VPN 5000 client software Version 5.2.1.
Open Caveats for All Windows Platforms
This section describes open caveats for the VPN client on all Windows operating systems.
•
If the AutoReconnect feature is enabled, the VPN client does not try to reconnect until you click OK in a dialog box that warns you that the connection has been lost.
No workaround.
•
If the AutoReconnect feature is enabled in a VPN Group that has SaveSecrets disabled (the default value), the VPN client does not properly reconnect to the concentrator.
Workaround 1: Enable SaveSecrets in the VPN Group.
Workaround 2: Use a user certificate with an embedded VPN Group so that both Shared Key and Radius passwords are unnecessary.
For additional security, click the Advanced button on the VPN Client window and check the Encrypt Passwords box.
Open Caveats for Windows 2000
This section lists open caveats for the VPN client Version 5.2.1 for Windows 2000.
•
If you install the VPN client for Windows 2000, you might lose the SAP MAPI connections on your computer.
No workaround.
Open Caveats for Solaris
This section lists open caveats for the VPN client Version 5.2.1 for Solaris.
•
A VPN client for Solaris 8 using the native PPPoE or PPP interfaces fails a connection attempt to a VPN 5000 concentrator because the VPN traffic was not being encrypted before passing through the PPP interface.
No workaround.
Open Caveats for Intel Solaris
The following open caveats apply only to the VPN client for Intel Solaris. These caveats have been fixed in the VPN client for SPARC Solaris. See the "Caveats Fixed SPARC Solaris" section for more information.
•
The following problem occurs with Solaris Version 2.6:
–
–
Workaround: Manually execute the autopush command to allow the ipdptp stream to be created before boot time autopush occurs.
To manually execute autopush:
a.
ipdptp -1 0 vpnmodb.
c.
autopush -f /etc/ppp.ap•
The VPN client does not call the full path (for example, /bin/ps) when you issue the close_tunnel command. It calls the command that first resides in the directory defined in the $PATH variable. If another command resides in $PATH before /bin/ps, the VPN client executes the first command instead.
Workaround: Make sure that /bin/ps is the first directory listed in your $PATH.
Open Caveats for Classic Mac OS
This section lists open caveats for the VPN client Version 5.2.1 release for Mac OS.
•
If you are use a VPN client with encrypt passwords disabled and you try to connect to a VPN 5001 concentrator that has shared secrets enabled, the VPN client does not write the shared key to the client preferences file located in the system directory.
Workaround: Delete the system preference file and let the VPN client rebuild it.
•
You cannot establish SSH connections through the VPN tunnel when you are using a VPN client for Mac OS. However, you can establish SSH connections to an fsecure server if there is no VPN tunnel.
No workaround.
•
If you are using the VPN client and the system enters sleep mode, the VPN client becomes inoperable and you must reboot the operating system after you awaken your system.
No workaround.
Limitations for the VPN 5000 Client
The following sections list limitations for the VPN 5000 client software Version 5.2.1.
Limitations for All Windows Platforms
This section lists limitations for the VPN client Version 5.2.1 for all Windows operating systems.
•
The VPN client does not support Token Ring, USB, or PPPoA adapters.
No workaround.
Limitations for Windows XP
This section lists limitations for the VPN client Version 5.2.1 for Windows XP.
•
The VPN client window and dialog boxes do not always appear in the foreground even though you are in an active tunnel session.
Workaround: Double-click the globe in the icon tray to bring the VPN client windows to the foreground.
•
If you establish a VPN tunnel with an Ethernet connection, subsequent connection attempts over PPP fail if the original Ethernet adapter remains enabled.
Workaround 1: Disable ICMP redirects on the workstation on which the VPN client for Windows XP is installed. To disable ICMP redirects, go to the registry and set the following statement equal to 0: HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\Parameters\EnableICMPRedirect.
Workaround 2: Disable the original Ethernet connection using one of the following methods:
–
–
Note
•
If you use the VPN client for Windows XP over a PPP connection, your workstation might become inoperable. This is caused by interference from a service called the QoS Packet Scheduler, which is installed by default with the Windows XP operating system. This problem usually occurs on laptops with internal or PCMCIA modems.
Workaround: Uninstall the Qos Packet Scheduler from your network connection before you use the VPN client for Windows XP.
•
If you use both the VPN client and Windows Messenger Versions 4.0 and 4.5 on your workstation, you can only pass text traffic and you are unable to use the following features of Windows Messenger:
–
–
–
–
–
This limitation is caused by a Network Address Translation (NAT) restriction in the Windows Messenger application.
No workaround.
•
If you install or upgrade certain networking applications, such as Windows Messenger, the application might be unable to make use of the VPN tunnel.
Workaround: To make sure that the VPN client application recognizes installations and upgrades, you must uninstall and reinstall the VPN client.
•
If a VPN client user is switched to another account using the Fast User Switching feature of Windows XP, the original VPN tunnel remains active, even though the new account does not have control over the connection and does not know that the connection is active.
Workaround: A VPN tunnel can only be controlled through the account that originally established the tunnel. Before you switch to another account using Fast User Switching, be sure that the VPN tunnel is inactive.
•
If you use the Remote Desktop feature on a Windows XP Professional workstation, a popup window appears explaining that a VPN5000Gina.dll file is preventing the connection. The VPN5000Gina.dll file is part of the Auto-Connect to Default Before Logon feature of the VPN 5000 client, and the Auto-Connect feature interferes with the remote desktop feature of Windows XP Professional.
Workaround: Disable the VPN5000Gina.dll using the following procedure:
a.
b.
c.
d.
Limitations for Windows 2000
This section lists limitations for the VPN client Version 5.2.1 for Windows 2000.
•
•
The VPN client for Windows 2000 displays network errors when used with NetBios traffic.
Workaround 1: To enable local file sharing and printing, set the Local Tunneling Control section of the Advanced Properties dialog box to match the following:
–
–
–
–
–
Workaround 2: Disable the Cisco VPN Transport service in the Network Control Panel.
•
You cannot use the VPN client for Windows 2000 with a Linksys, Compaq, or Lucent wireless Ethernet configuration.
Workaround: Remove the configuration tool from the Startup menu, and configure the wireless adapter parameters manually in the network properties. If the configuration tool is needed, then the VPN Adapter must be disabled.
•
If the VPN client for Windows 2000 is installed on your computer and you then install the NetBEUI protocol, this might corrupt your operating system and cause you to reimage your computer.
Workaround: Before you install the VPN client for Windows 2000, install the NetBEUI protocol on your computer .
Limitations for Windows ME
This section lists limitations for the VPN client Version 5.2.1 for Windows ME.
•
Workaround: Use the Microsoft Client for Netware with the VPN client for Windows ME.
Limitations for Windows 95/98
This section lists limitations in the VPN client Version 5.2.1 for Windows 95/98.
•
Workaround: Update to Windows 98SE, or ensure that all networking updates are applied to the Win98-orig install.
Limitations for Linux
This section lists limitations for the VPN client Version 5.2.1 for Linux.
•
•
The VPN client only has control over the interface that is specified for tunneling on the command line. It does not affect other interfaces or devices. For example, if you specify the following command:
open_tunnel -d eth1then traffic through eth0 or ppp0, is not affected in any way.
•
Workaround: Use kernel Version 2.4.x.
Limitations for Solaris
This section lists limitations for the VPN client Version 5.2.1 for Solaris.
•
If the open_tunnel process is killed using the kill -9 command, the open_tunnel process terminates, but the driver remains in an inconsistent state causing the VPN client to continue tunneling packets.
Workaround: Use the close_tunnel command to terminate the open_tunnel process and reset the driver.
The following limitation applies only to the VPN client for SPARC Solaris.
•
Workaround: Set up your routes so that all traffic flows through the PPP interface.
Obtaining Documentation
The following sections explain how to obtain documentation from Cisco Systems.
World Wide Web
You can access the most current Cisco documentation on the World Wide Web at the following URL:
Translated documentation is available at the following URL:
http://www.cisco.com/public/countries_languages.shtml
Documentation CD-ROM
Cisco documentation and additional literature are available in a Cisco Documentation CD-ROM package, which is shipped with your product. The Documentation CD-ROM is updated monthly and may be more current than printed documentation. The CD-ROM package is available as a single unit or through an annual subscription.
Ordering Documentation
Cisco documentation is available in the following ways:
•
http://www.cisco.com/public/ordsum.html
•
http://www.cisco.com/go/subscription
•
Documentation Feedback
If you are reading Cisco product documentation on Cisco.com, you can submit technical comments electronically. Click Leave Feedback at the bottom of the Cisco Documentation home page. After you complete the form, print it out and fax it to Cisco at 408 527-0730.
You can e-mail your comments to bug-doc@cisco.com.
To submit your comments by mail, use the response card behind the front cover of your document, or write to the following address:
Cisco Systems
Attn: Document Resource Connection
170 West Tasman Drive
San Jose, CA 95134-9883We appreciate your comments.
Obtaining Technical Assistance
Cisco provides Cisco.com as a starting point for all technical assistance. Customers and partners can obtain documentation, troubleshooting tips, and sample configurations from online tools by using the Cisco Technical Assistance Center (TAC) Web Site. Cisco.com registered users have complete access to the technical support resources on the Cisco TAC Web Site.
Cisco.com
Cisco.com is the foundation of a suite of interactive, networked services that provides immediate, open access to Cisco information, networking solutions, services, programs, and resources at any time, from anywhere in the world.
Cisco.com is a highly integrated Internet application and a powerful, easy-to-use tool that provides a broad range of features and services to help you to
•
•
•
•
•
You can self-register on Cisco.com to obtain customized information and service. To access Cisco.com, go to the following URL:
Technical Assistance Center
The Cisco TAC is available to all customers who need technical assistance with a Cisco product, technology, or solution. Two types of support are available through the Cisco TAC: the Cisco TAC Web Site and the Cisco TAC Escalation Center.
Inquiries to Cisco TAC are categorized according to the urgency of the issue:
•
•
•
•
Which Cisco TAC resource you choose is based on the priority of the problem and the conditions of service contracts, when applicable.
Cisco TAC Web Site
The Cisco TAC Web Site allows you to resolve P3 and P4 issues yourself, saving both cost and time. The site provides around-the-clock access to online tools, knowledge bases, and software. To access the Cisco TAC Web Site, go to the following URL:
All customers, partners, and resellers who have a valid Cisco services contract have complete access to the technical support resources on the Cisco TAC Web Site. The Cisco TAC Web Site requires a Cisco.com login ID and password. If you have a valid service contract but do not have a login ID or password, go to the following URL to register:
http://www.cisco.com/register/
If you cannot resolve your technical issues by using the Cisco TAC Web Site, and you are a Cisco.com registered user, you can open a case online by using the TAC Case Open tool at the following URL:
http://www.cisco.com/tac/caseopen
If you have Internet access, it is recommended that you open P3 and P4 cases through the Cisco TAC Web Site.
Cisco TAC Escalation Center
The Cisco TAC Escalation Center addresses issues that are classified as priority level 1 or priority level 2; these classifications are assigned when severe network degradation significantly impacts business operations. When you contact the TAC Escalation Center with a P1 or P2 problem, a Cisco TAC engineer will automatically open a case.
To obtain a directory of toll-free Cisco TAC telephone numbers for your country, go to the following URL:
http://www.cisco.com/warp/public/687/Directory/DirTAC.shtml
Before calling, please check with your network operations center to determine the level of Cisco support services to which your company is entitled; for example, SMARTnet, SMARTnet Onsite, or Network Supported Accounts (NSA). In addition, please have available your service agreement number and your product serial number.
Copyright ©2002, Cisco Systems, Inc.
All rights reserved.
Guest
