I recently needed to be able to use the Cisco VPN Client (I’m specifically referring to version: 5.0.07.0410 on 32bit Windows and version: 5.0.07.0440 on 64bit Windows, although this fix would apply to earlier versions as well) on my Windows 8.1 (32bit Windows) tablet (Acer Iconia), but was not able to connect to my remote VPN endpoint. I kept getting the this error: Reason 440: Driver Failure. I searched this error in Google and tried all sorts of fixes and patches and things from articles everywhere. No matter what I tried (for hours on end), the error message was always the same. Eventually, I just gave up.
Today, I decided to have one more look at the issue. I realized I hadn’t looked somewhere quite obvious; The Windows Event Viewer. Sure enough, under Windows Logs –> System, I found the following error message:
The Cisco Systems Inc. IPSec Driver service failed to start due to the following error: Windows cannot verify the digital signature for this file. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
So, to put it simply, Windows Driver Signature Enforcement (DSE) was at fault. Not the software VPN Client, not DNE, not the drivers, not Windows Update, and not having other VPN clients installed. It was simply DSE.
I tried disabling DSE (and that might be all you have to do), but it turned out I had to go one step further, because I couldn’t disable DSE.
Well, my tablet has something called ‘Secure Boot’ enabled. When I tried disabling DSE, I received a message telling me it wasn’t possible to disable it because I have Secure Boot enabled. So I did a quick search on how to Disable Secure Boot. I’d gone looking for the setting previously, but couldn’t find it because I had to set a user / system password in the BIOS first. After I set a password, voila! The Secure Boot setting appeared! After disabling Secure Boot, I started Windows 8.1 and was immediately able to use the Cisco VPN Client to connect to my remote VPN endpoint. I didn’t even need to re-install it.
Note: I’m not discrediting all the other articles on the internet and all their work arounds and fixes. They just simply didn’t work for me. If you’re system doesn’t have Secure Boot, than this fix won’t work for you. You’ll either need to disabled DSE or find another solution.
The thing that caught me up, was that I have another PC with Windows 8.1 on it, and all I had to do was install the Cisco VPN client and connect. It just worked straight out of the box. No fixes required. The only difference (other than it being a PC) was that it doesn’t have Secure Boot (older BIOS).