If your machine is behind a firewall or running a personal firewall the following need to be opened to the VPN server(s):
UDP port 500 for IPSEC Key Mgmt
Protocol 50 for IPSEC Tunnel Encapsulation
The Windows XP firewall prior to SP2 is not compatible with the VPN client and needs to be disabled for the VPN client to successfully connect.
If your firewall (or possibly a NAT box) can not properly deal with IPSEC you can configure your client to tunnel all IPSEC traffic over UDP port 10000 and simply open that port on your firewall. Do this from properties, general tab. Click the box next to enable transparent tunneling and then click the radio button for allow IPSEC over UDP.
You may have your DNS servers hardcoded rather than using DHCP assigned DNS servers. The IP address of vpn.wl.rpi.edu when you are on the wireless network is 192.168.254.253. If you can ping the IP address then you have connectivity and you can connect by changing the host name in the VPN client to the IP address. You should change your configuration to use DHCP assigned DNS servers to avoid this problem.
On the Linksys router there is a known problem with firmware version 1.42.7. If you downgrade to version 1.40.2 or upgrade to version 1.4.3 the VPN client over the wireless connection will work. Please consult your Linksys documentation and/or support for information about downgrading the firmware.
The Cisco VPN client installs the CSgina.dll to
implement the Start Before Login feature. The CSgina.dll entry can be deleted from
the registry to restore the Welcome Screen and Fast user switching features.
Using regedit.exe or regedt32.exe, go to registry key:
Delete the value named GinaDLL.
NOTE: the entire GinaDLL value must be deleted, not just the value data
of "csgina.dll" or the features will not be restored.
This does not uninstall the client, but does disable the start before login feature.