How do I resolve Cisco VPN Client authentication error 413?

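I'm a software developer contractor and I've been given Cisco VPN access to a client's network. It's a typical setup using an RSA SecurID software token, and I can connect successfully when I run the VPN client (v 5.0.07.0440) in a VirtualBox instance (Win 7) on my development workstation.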

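However, when I run the VPN client directly on the development workstation's own OS (also Win 7), it fails and gives me Authentication Error 413. This error is usually caused by entering incorrect credentials, and what I've found points to user error as the only likely cause.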

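Yet I'm sure that's not the problem, because I can authenticate easily when using the VPN client in the VM. I'm at a loss as to the relevant difference between the two environments. Any guidance would be greatly appreciated.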

The log from the VPN client follows. (I have edited out the specific server and IP values and replaced them with {text}.)

Cisco Systems VPN Client Version 5.0.07.0440
Copyright (C) 1998-2010 Cisco Systems, Inc. All Rights Reserved.
Client Type(s): Windows, WinNT
Running on: 6.1.7601 Service Pack 1

1 15:54:10.121 01/24/14 Sev=Info/4 CM/0x63100002 Begin connection process
2 15:54:10.132 01/24/14 Sev=Info/4 CM/0x63100004 Establish secure connection
3 15:54:10.132 01/24/14 Sev=Info/4 CM/0x63100024 Attempt connection with server "{server name}"
4 15:54:10.139 01/24/14 Sev=Info/6 IKE/0x6300003B Attempting to establish a connection with {IP}.
5 15:54:10.144 01/24/14 Sev=Info/4 IKE/0x63000001 Starting IKE Phase 1 Negotiation
6 15:54:10.284 01/24/14 Sev=Info/6 GUI/0x63B00012 Authentication request attributes is 102h.
7 15:54:10.149 01/24/14 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK AG (SA, KE, NON, ID, VID(Xauth), VID(dpd), VID(Frag), VID(Nat-T), VID(Unity)) to {IP}
8 15:54:10.155 01/24/14 Sev=Info/4 IPSEC/0x63700008 IPSec driver successfully started
9 15:54:10.155 01/24/14 Sev=Info/4 IPSEC/0x63700014 Deleted all keys
10 15:54:10.207 01/24/14 Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = {IP}
11 15:54:10.207 01/24/14 Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK AG (SA, KE, NON, ID, HASH, VID(Unity), VID(Xauth), VID(dpd), VID(Nat-T), NAT-D, NAT-D, VID(Frag), VID(?)) from {IP}
12 15:54:10.207 01/24/14 Sev=Info/5 IKE/0x63000001 Peer is a Cisco-Unity compliant peer
13 15:54:10.207 01/24/14 Sev=Info/5 IKE/0x63000001 Peer supports XAUTH
14 15:54:10.207 01/24/14 Sev=Info/5 IKE/0x63000001 Peer supports DPD
15 15:54:10.207 01/24/14 Sev=Info/5 IKE/0x63000001 Peer supports NAT-T
16 15:54:10.207 01/24/14 Sev=Info/5 IKE/0x63000001 Peer supports IKE fragmentation payloads
17 15:54:10.212 01/24/14 Sev=Info/6 IKE/0x63000001 IOS Vendor ID Contruction successful
18 15:54:10.212 01/24/14 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK AG *(HASH, NOTIFY:STATUS_INITIAL_CONTACT, NAT-D, NAT-D, VID(?), VID(Unity)) to {IP}
19 15:54:10.213 01/24/14 Sev=Info/6 IKE/0x63000055 Sent a keepalive on the IPSec SA
20 15:54:10.213 01/24/14 Sev=Info/4 IKE/0x63000083 IKE Port in use - Local Port = {port}, Remote Port = {port}
21 15:54:10.213 01/24/14 Sev=Info/5 IKE/0x63000072 Automatic NAT Detection Status: Remote end is NOT behind a NAT device This end IS behind a NAT device
22 15:54:10.213 01/24/14 Sev=Info/4 CM/0x6310000E Established Phase 1 SA. 1 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system
23 15:54:10.272 01/24/14 Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = {IP}
24 15:54:10.273 01/24/14 Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from {IP}
25 15:54:10.273 01/24/14 Sev=Info/4 CM/0x63100015 Launch xAuth application
26 15:54:20.310 01/24/14 Sev=Info/6 IKE/0x63000055 Sent a keepalive on the IPSec SA
27 15:54:28.172 01/24/14 Sev=Info/4 CM/0x63100017 xAuth application returned
28 15:54:28.172 01/24/14 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to {IP}
29 15:54:30.396 01/24/14 Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = {IP}
30 15:54:30.397 01/24/14 Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from {IP}
31 15:54:30.397 01/24/14 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to {IP}
32 15:54:30.397 01/24/14 Sev=Info/4 IKE/0x63000017 Marking IKE SA for deletion (I_Cookie={cookie} R_Cookie={cookie}) reason = DEL_REASON_WE_FAILED_AUTH
33 15:54:30.398 01/24/14 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK INFO *(HASH, DEL) to {IP}
34 15:54:30.453 01/24/14 Sev=Info/5 IKE/0x6300002F Received ISAKMP packet: peer = {IP}
35 15:54:30.454 01/24/14 Sev=Info/4 IKE/0x63000058 Received an ISAKMP message for a non-active SA, I_Cookie={Cookie} R_Cookie={Cookie}
36 15:54:30.454 01/24/14 Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK INFO *(Dropped) from {IP}
37 15:54:30.965 01/24/14 Sev=Info/4 IKE/0x6300004B Discarding IKE SA negotiation (I_Cookie={Cookie} R_Cookie={Cookie}) reason = DEL_REASON_WE_FAILED_AUTH
38 15:54:30.965 01/24/14 Sev=Info/4 CM/0x63100014 Unable to establish Phase 1 SA with server "{server}" because of "DEL_REASON_WE_FAILED_AUTH"
39 15:54:30.965 01/24/14 Sev=Info/5 CM/0x63100025 Initializing CVPNDrv
40 15:54:30.979 01/24/14 Sev=Info/6 CM/0x63100046 Set tunnel established flag in registry to 0.
41 15:54:30.979 01/24/14 Sev=Info/4 IKE/0x63000001 IKE received signal to terminate VPN connection
42 15:54:30.987 01/24/14 Sev=Info/4 IPSEC/0x63700014 Deleted all keys
43 15:54:30.987 01/24/14 Sev=Info/4 IPSEC/0x63700014 Deleted all keys
44 15:54:30.987 01/24/14 Sev=Info/4 IPSEC/0x63700014 Deleted all keys
45 15:54:30.987 01/24/14 Sev=Info/4 IPSEC/0x6370000A IPSec driver successfully stopped

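This may be a shot in the dark, but have you tried Citrix's DNE (Deterministic Network Enhancer) update? I've used it in the past to magically fix problems with the legacy Cisco VPN client. It's apparently not necessary on a fresh Win7 install. But if it's an older, cruftier install that may have had multiple VPN clients installed into the network stack over its lifetime, it seems to tweak things so they're happy again. It's also one of the keys to getting the old client working on Windows 8 and later. From the site: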

Citrix supplies software to a number of software and hardware companies. When they install their products on your system, they often include DNE.

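DNE extends operating systems and network protocol devices and stacks to introduce measurement and controls. Our customers use these extensions to build products that do intrusion detection, VPNs, Network Address Translation (NAT), traffic measurement, response time measurement, bandwidth control, compression, content filtering, content protection, policy management, proxies, billing, packet marking, routing, protocol translation, wireless communication, secure tunnels and much more.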

If you want to try it, do the following:

  • Uninstall the Cisco VPN client
  • Install the DNE update
  • Reinstall the Cisco VPN client

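Without any Cisco "Router#debug crypto ipsec on" output, it is hard for me to understand the problem. However, if you authenticate via SSL certificates (RSA mode), you may eventually refer to http://vouters.dyndns.org/tima/Linux-Windows-Cisco-VPN-Cisco_may_abort_when_attempting_to_establish_a_VPN.html. This document describes several problems between VPN clients and Cisco IOS. The first one is a missing issuer being sent (the information is inside the SSL certificate). The last one describes a NAT-T payload exchange problem.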

Otherwise, for working Cisco IOS configurations, you can query the search engine at http://vouters.dyndns.org/ with the keyword "Cisco".

Hope this helps. Regards, Philippe

I finally solved my own problem, and it turned out to be my own user error! I'm posting this to save future users the embarrassment:

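After I installed the RSA SecurID software on my host OS and rebooted, the VPN client had started expecting my RSA PIN instead of the ever-changing RSA passcode I had been used to using. This behavior was new to me, and I kept entering the passcode instead of the PIN. (I didn't notice that the VPN client authentication prompt had changed from "Passcode" to "PIN".) Once I finally woke up and started entering the PIN, it worked just fine.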

(The virtual machine doesn't have the RSA application installed, which is why it works fine there with the passcode.)
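
As an added example (not part of any post above), here is one way to triage a Cisco VPN Client log like the one in the question: it reports the last connection stage reached and the first stated deletion reason, which separates a credential failure at XAUTH from a driver or network-stack problem. The sample input is a constructed excerpt of the question's log, and the function names and stage labels are hypothetical.

```python
import re

# One entry: "<n> <time> <date> Sev=<level>/<n> <module>/<code> <message>".
# The lookahead ends a message at the next entry header, so the pattern works
# whether entries sit on separate lines or are run together on one line.
ENTRY = re.compile(
    r"(\d+)\s+(\d\d:\d\d:\d\d\.\d{3})\s+\d\d/\d\d/\d\d\s+Sev=\w+/\d\s+"
    r"(\w+)/(0x[0-9A-Fa-f]{8})\s+(.*?)(?=\s+\d+\s+\d\d:\d\d:\d\d\.\d{3}\s|\s*\Z)",
    re.S,
)

# Message prefixes taken from the log in the question; labels are this example's own.
STAGES = [
    ("Established Phase 1 SA", "Phase 1 established"),
    ("Launch xAuth application", "XAUTH prompt shown"),
    ("xAuth application returned", "XAUTH reply sent"),
]

def parse(text):
    """Split raw log text into entries with whitespace-normalised messages."""
    return [
        {"n": int(n), "time": t, "module": mod, "code": code,
         "msg": " ".join(msg.split())}
        for n, t, mod, code, msg in ENTRY.findall(text)
    ]

def triage(entries):
    """Return (last stage reached, first 'reason = ...' value or None)."""
    stage, reason = "Phase 1 not established", None
    for e in entries:
        for prefix, label in STAGES:
            if e["msg"].startswith(prefix):
                stage = label
        found = re.search(r"reason = (\w+)", e["msg"])
        if found and reason is None:
            reason = found.group(1)
    return stage, reason

# Constructed excerpt of the question's log (entries 22, 25, 27, 28, 30, 32).
SAMPLE = (
    "22 15:54:10.213 01/24/14 Sev=Info/4 CM/0x6310000E Established Phase 1 SA. "
    "1 Crypto Active IKE SA, 0 User Authenticated IKE SA in the system "
    "25 15:54:10.273 01/24/14 Sev=Info/4 CM/0x63100015 Launch xAuth application "
    "27 15:54:28.172 01/24/14 Sev=Info/4 CM/0x63100017 xAuth application returned "
    "28 15:54:28.172 01/24/14 Sev=Info/4 IKE/0x63000013 SENDING >>> ISAKMP OAK TRANS *(HASH, ATTR) to {IP} "
    "30 15:54:30.397 01/24/14 Sev=Info/4 IKE/0x63000014 RECEIVING <<< ISAKMP OAK TRANS *(HASH, ATTR) from {IP} "
    "32 15:54:30.397 01/24/14 Sev=Info/4 IKE/0x63000017 Marking IKE SA for deletion "
    "(I_Cookie={cookie} R_Cookie={cookie}) reason = DEL_REASON_WE_FAILED_AUTH"
)

if __name__ == "__main__":
    print(triage(parse(SAMPLE)))
```

A result of "XAUTH reply sent" together with DEL_REASON_WE_FAILED_AUTH means the tunnel crypto came up and the failure happened at the user credential step.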