This is the result of a known issue. If a Network Access Favorite is configured to use the integrated IP filtering engine feature of FirePass Network Access, the Favorite may fail when a Windows-based remote access client has one of McAfee's integrated security products installed.

When a Network Access Favorite is configured to use Split Tunneling, you can select the Enable integrated IP filtering engine check box, under the Policy Checks tab. When a Network Access Favorite is configured to use this feature, and a user logs into FirePass using a system that has one of McAfee's integrated security products installed, the Network Access Favorite fails and displays an error message in the Network Access window that appears similar to the following example:

An error occurred while configuring Network Access connection. Please contact your system administrator.

Additionally, the logterminal.txt file contains a sequence that appears similar to the following example:

Wed Nov 22 19:20:34 2006 GMT (DIALER:4088) UIpForwardTable::PatchRouteTable: Trying to add record to Firepass(10.10.190.60) Wed Nov 22 19:20:34 2006 GMT (TUNNEL:2440) UTunnel::Open() - exit Wed Nov 22 19:20:34 2006 GMT (HOST:4088) CControlData::DispatchEvent(OnError) Wed Nov 22 19:20:34 2006 GMT (TUNNEL:2440) UTie::open() - exit Wed Nov 22 19:20:34 2006 GMT (HOST:4088) CHostCtrl::DispatchEvent: Fired event OnError Number of arguments - 2 Wed Nov 22 19:20:34 2006 GMT (TUNNEL:2440) UTie::restart() - enter Wed Nov 22 19:20:34 2006 GMT (HOST:4088) CHostCtrl::DispatchVPNEvent (OnError,An error occurred while configuring Network Access connection. Please contact your system administrator Network Access connection is terminated.)

Important: If you receive the first error text listed above in your Network Access window, review the logterminal.txt file for error text to determine whether the problem is caused by the presence of a McAfee product, or if the problem is caused by another condition.

F5 Product Development is tracking this issue as ID 266733 (formerly CR72665).

Workaround

If you are using one of the McAfee products that causes this failure, you can work around this issue by uninstalling the product or by disabling the Enable integrated IP filtering engine feature.

To disable the integrated IP filtering engine feature, perform the following procedure:

1. Log in to the FirePass Administrative Console.
2. Click Network Access.
3. Click the Policy Checks tab.
4. Clear the Enable integrated IP filtering engine check box.

For more information on the integrated IP filtering engine, refer to the FirePass Controller Administrator Guide.

To uninstall a McAfee product, refer to the McAfee instructions for the McAfee product.