AnyConnect + Windows 8 ?

Similar Messages

• Anyconnect + windows 8.1 problem

  Hei guys,
  I'm getting really frustrated with this problem now. I have searched everywhere and tried everything I could and still I haven't solved this problem.
  After upgrading to windows 8.1, I uninstalled the previous version of anyconnect, removed the driver, and then installed the version
  3.1.05152. When I try to connect to my vpn, this message appears:
  "anyconnect cannot confirm it is connected to your secure gateway"
  and the connection is closed. I installed the server certificate into the trusted store, enabled/disabled the virtual port driver, restarted, unchecked the option "block connections to unstrusted servers" .. and nothing, always the same error message.
  What else can I try to make it work?
  Thanks!

  I also have this problem and have tried every available solution that I've come across from the DNE fix the registry fix to everything else. The registry change worked for Windows 8 but does not work for me in Windows 8.1.

• AnyConnect pre Windows login connects and disconnects for some users

  Hi,
  I have Cisco VPN AnyConnect (version 3.1.0310) clients with a connectivity issue which manifests as follows:
  A user boots their Windows 7 SP1 laptop up.
  Before Windows login, the user clicks "switch user" and enters their Cisco AnyConnect credentials (this connects OK).
  Once the VPN tunnel is established a user logs into Windows.
  At this point, 1 of 2 things happen:
  1. Most users VPN connection stays connected and user GPO processing\logins work as normal
  2. For a minority of users, the VPN connection disconnects and then reconnects. The VPN disconnect and reconnect causes connectivity issues with mapped drives and Outlook (most likely due to GPO processing not applying as the VPN tunnel wasn't established at the required time).
  There are no known commanalities between problematic users - all users are in the same OU and laptops are in the same OU, so they should be getting the same AD settings. The same user can login 14 times OK, but may experience this issue on the 15th occasion.
  Within the profile xml file (stored in c:\program data\) the key "AutoConnectStart" is set to false for user controllable and default value. The XML policy settings are being applied correctly (we've checked Event ID 3010 within the Cisco AnyConnect Windows logs).
  What we have noticed from using the back end Cisco monitoring client is that users who experience connection issues, connect pre windows login OK, but once they're logged into Windows the Cisco VPN AnyConnects seems to try and re-connect, which causes the current VPN tunnel to disconnect and re-connect. This disconnect and re-connect for users seems to cause issues with logon and GPO processing.
  So far, the only rock solid way we've found of stopping this disconnect and re-connect behaviour is by configuring a system deny permission on registry key "HKLM\Software\Microsoft\Windows\CurrentVersion\Run". This key contains an entry for Cisco AnyConnect VPN. Unfortunately setting a deny on the individual node value isn't possible and if the key is deleted or modified the system re-creates it. I'd rather avoid setting a system deny on the key for all users.
  Any advice on how troubleshoot and diagnose this problem is appreciated.
  Thanks

  I've attached some log files in case someone is particularly keen eyed at spotting issues (all data is anonymized)
  6
  Oct 30 2013
  10:19:31
  172.16.12.17
  58124
  10.5.128.21
  8080
  Built inbound TCP connection 123678229 for outside:172.16.12.17/58124 (172.16.12.17/58124)(LOCAL\jpk789) to inside:10.5.128.21/8080 (10.5.128.21/8080)
  6
  Oct 30 2013
  10:19:31
  172.16.12.17
  58122
  10.5.140.210
  443
  Teardown TCP connection 123678214 for outside:172.16.12.17/58122(LOCAL\jpk789) to inside:10.5.140.210/443 duration 0:00:00 bytes 11971 TCP Reset-O
  6
  Oct 30 2013
  10:19:31
  172.16.12.17
  51368
  10.5.141.155
  53
  Teardown UDP connection 123678191 for outside:172.16.12.17/51368(LOCAL\jpk789) to inside:10.5.141.155/53 duration 0:00:00 bytes 110
  6
  Oct 30 2013
  10:19:31
  172.16.12.17
  58123
  10.5.12.182
  88
  Built inbound TCP connection 123678217 for outside:172.16.12.17/58123 (172.16.12.17/58123)(LOCAL\jpk789) to inside:10.5.12.182/88 (10.5.12.182/88)
  6
  Oct 30 2013
  10:19:31
  172.16.12.17
  62455
  10.5.141.155
  53
  Teardown UDP connection 123678189 for outside:172.16.12.17/62455(LOCAL\jpk789) to inside:10.5.141.155/53 duration 0:00:00 bytes 430
  6
  Oct 30 2013
  10:19:31
  172.16.12.17
  58122
  10.5.140.210
  443
  Built inbound TCP connection 123678214 for outside:172.16.12.17/58122 (172.16.12.17/58122)(LOCAL\jpk789) to inside:10.5.140.210/443 (10.5.140.210/443)
  6
  Oct 30 2013
  10:19:31
  172.16.12.17
  56197
  10.5.141.155
  53
  Built inbound UDP connection 123678212 for outside:172.16.12.17/56197 (172.16.12.17/56197)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53)
  6
  Oct 30 2013
  10:19:31
  172.16.12.17
  58121
  10.5.12.179
  389
  Built inbound TCP connection 123678196 for outside:172.16.12.17/58121 (172.16.12.17/58121)(LOCAL\jpk789) to inside:10.5.12.179/389 (10.5.12.179/389)
  6
  Oct 30 2013
  10:19:31
  172.16.12.17
  58120
  10.5.12.199
  80
  Built inbound TCP connection 123678195 for outside:172.16.12.17/58120 (172.16.12.17/58120)(LOCAL\jpk789) to inside:10.5.12.199/80 (10.5.12.199/80)
  6
  Oct 30 2013
  10:19:31
  172.16.12.17
  51368
  10.5.141.155
  53
  Built inbound UDP connection 123678191 for outside:172.16.12.17/51368 (172.16.12.17/51368)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53)
  6
  Oct 30 2013
  10:19:31
  172.16.12.17
  62458
  10.5.12.182
  389
  Built inbound UDP connection 123678190 for outside:172.16.12.17/62458 (172.16.12.17/62458)(LOCAL\jpk789) to inside:10.5.12.182/389 (10.5.12.182/389)
  6
  Oct 30 2013
  10:19:31
  172.16.12.17
  62455
  10.5.141.155
  53
  Built inbound UDP connection 123678189 for outside:172.16.12.17/62455 (172.16.12.17/62455)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53)
  6
  Oct 30 2013
  10:19:30
  IPSEC: An inbound remote access SA (SPI= 0x67ED9B28) between 80.21.182.245 and 75.12.34.56 (user= jpk789) has been created.
  6
  Oct 30 2013
  10:19:30
  IPSEC: An outbound remote access SA (SPI= 0x9C00507E) between 80.21.182.245 and 75.12.34.56 (user= jpk789) has been created.
  6
  Oct 30 2013
  10:19:30
  Group User IP <75.12.34.56> AnyConnect session resumed connection from IP <75.12.34.56>.
  5
  Oct 30 2013
  10:19:30
  Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 SA UP. Reason: New Connection Established
  4
  Oct 30 2013
  10:19:30
  Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x7041 could not be processed. Error: Unknown/Unsupported Attribute
  4
  Oct 30 2013
  10:19:30
  Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x7040 could not be processed. Error: Unknown/Unsupported Attribute
  4
  Oct 30 2013
  10:19:30
  Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x703f could not be processed. Error: Unknown/Unsupported Attribute
  4
  Oct 30 2013
  10:19:30
  Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x703e could not be processed. Error: Unknown/Unsupported Attribute
  4
  Oct 30 2013
  10:19:30
  Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x703d could not be processed. Error: Unknown/Unsupported Attribute
  4
  Oct 30 2013
  10:19:30
  Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x703c could not be processed. Error: Unknown/Unsupported Attribute
  4
  Oct 30 2013
  10:19:30
  Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x703b could not be processed. Error: Unknown/Unsupported Attribute
  6
  Oct 30 2013
  10:19:18
  172.16.12.17
  64287
  10.5.12.182
  445
  Teardown TCP connection 123673186 for outside:172.16.12.17/64287(LOCAL\jpk789) to inside:10.5.12.182/445 duration 0:02:01 bytes 14605 Tunnel has been torn down
  6
  Oct 30 2013
  10:19:17
  172.16.12.17
  64278
  10.5.141.144
  445
  Teardown TCP connection 123672510 for outside:172.16.12.17/64278(LOCAL\jpk789) to inside:10.5.141.144/445 duration 0:02:15 bytes 9237 Tunnel has been torn down
  6
  Oct 30 2013
  10:19:14
  172.16.12.17
  64273
  10.5.140.231
  445
  Teardown TCP connection 123672368 for outside:172.16.12.17/64273(LOCAL\jpk789) to inside:10.5.140.231/445 duration 0:02:16 bytes 7297 Tunnel has been torn down
  6
  Oct 30 2013
  10:19:04
  172.16.12.17
  54449
  10.5.141.155
  389
  Teardown UDP connection 123672541 for outside:172.16.12.17/54449(LOCAL\jpk789) to inside:10.5.141.155/389 duration 0:02:01 bytes 366
  6
  Oct 30 2013
  10:19:04
  172.16.12.17
  137
  10.5.141.155
  137
  Teardown UDP connection 123672421 for outside:172.16.12.17/137(LOCAL\jpk789) to inside:10.5.141.155/137 duration 0:02:04 bytes 486
  6
  Oct 30 2013
  10:19:00
  172.16.12.17
  138
  10.5.141.155
  138
  Teardown UDP connection 123672424 for outside:172.16.12.17/138(LOCAL\jpk789) to inside:10.5.141.155/138 duration 0:02:01 bytes 177
  6
  Oct 30 2013
  10:18:58
  172.16.12.17
  63666
  10.5.141.155
  389
  Teardown UDP connection 123672316 for outside:172.16.12.17/63666(LOCAL\jpk789) to inside:10.5.141.155/389 duration 0:02:01 bytes 366
  6
  Oct 30 2013
  10:18:58
  172.16.12.17
  53105
  10.5.141.155
  389
  Teardown UDP connection 123672300 for outside:172.16.12.17/53105(LOCAL\jpk789) to inside:10.5.141.155/389 duration 0:02:01 bytes 366
  6
  Oct 30 2013
  10:18:47
  172.16.12.17
  61715
  10.5.12.182
  389
  Teardown UDP connection 123671945 for outside:172.16.12.17/61715(LOCAL\jpk789) to inside:10.5.12.182/389 duration 0:02:01 bytes 312
  6
  Oct 30 2013
  10:18:43
  172.16.12.17
  54262
  10.5.12.179
  389
  Teardown UDP connection 123671801 for outside:172.16.12.17/54262(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:01 bytes 355
  6
  Oct 30 2013
  10:18:42
  172.16.12.17
  57911
  10.5.141.156
  389
  Teardown UDP connection 123671777 for outside:172.16.12.17/57911(LOCAL\jpk789) to inside:10.5.141.156/389 duration 0:02:01 bytes 365
  6
  Oct 30 2013
  10:18:40
  172.16.12.17
  123
  10.5.12.182
  123
  Teardown UDP connection 123671670 for outside:172.16.12.17/123(LOCAL\jpk789) to inside:10.5.12.182/123 duration 0:02:01 bytes 136
  6
  Oct 30 2013
  10:18:40
  172.16.12.17
  58107
  10.5.12.179
  389
  Teardown UDP connection 123671639 for outside:172.16.12.17/58107(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:01 bytes 356
  6
  Oct 30 2013
  10:18:40
  172.16.12.17
  58825
  10.5.12.179
  389
  Teardown UDP connection 123671633 for outside:172.16.12.17/58825(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:02 bytes 355
  6
  Oct 30 2013
  10:18:39
  172.16.12.17
  60424
  10.5.141.156
  389
  Teardown UDP connection 123671611 for outside:172.16.12.17/60424(LOCAL\jpk789) to inside:10.5.141.156/389 duration 0:02:01 bytes 365
  6
  Oct 30 2013
  10:18:38
  172.16.12.17
  56635
  10.5.141.156
  389
  Teardown UDP connection 123671566 for outside:172.16.12.17/56635(LOCAL\jpk789) to inside:10.5.141.156/389 duration 0:02:01 bytes 365
  6
  Oct 30 2013
  10:18:38
  172.16.12.17
  61204
  10.5.12.179
  389
  Teardown UDP connection 123671558 for outside:172.16.12.17/61204(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:01 bytes 355
  6
  Oct 30 2013
  10:18:38
  172.16.12.17
  50615
  10.5.12.179
  389
  Teardown UDP connection 123671545 for outside:172.16.12.17/50615(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:01 bytes 355
  6
  Oct 30 2013
  10:18:38
  172.16.12.17
  57940
  10.5.141.154
  389
  Teardown UDP connection 123671537 for outside:172.16.12.17/57940(LOCAL\jpk789) to inside:10.5.141.154/389 duration 0:02:02 bytes 313
  6
  Oct 30 2013
  10:18:38
  172.16.12.17
  57939
  10.5.141.156
  389
  Teardown UDP connection 123671536 for outside:172.16.12.17/57939(LOCAL\jpk789) to inside:10.5.141.156/389 duration 0:02:02 bytes 366
  6
  Oct 30 2013
  10:18:38
  172.16.12.17
  64495
  10.5.12.182
  389
  Teardown UDP connection 123671532 for outside:172.16.12.17/64495(LOCAL\jpk789) to inside:10.5.12.182/389 duration 0:02:02 bytes 356
  6
  Oct 30 2013
  10:18:37
  172.16.12.17
  62965
  10.5.12.182
  389
  Teardown UDP connection 123671521 for outside:172.16.12.17/62965(LOCAL\jpk789) to inside:10.5.12.182/389 duration 0:02:01 bytes 356
  6
  Oct 30 2013
  10:18:37
  172.16.12.17
  54994
  10.5.12.179
  389
  Teardown UDP connection 123671514 for outside:172.16.12.17/54994(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:01 bytes 356
  6
  Oct 30 2013
  10:18:37
  172.16.12.17
  54993
  10.5.12.179
  389
  Teardown UDP connection 123671513 for outside:172.16.12.17/54993(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:01 bytes 356
  6
  Oct 30 2013
  10:18:37
  172.16.12.17
  63390
  10.34.140.104
  389
  Teardown UDP connection 123671483 for outside:172.16.12.17/63390(LOCAL\jpk789) to inside:10.34.140.104/389 duration 0:02:01 bytes 385
  6
  Oct 30 2013
  10:18:37
  172.16.12.17
  63389
  10.33.140.104
  389
  Teardown UDP connection 123671482 for outside:172.16.12.17/63389(LOCAL\jpk789) to inside:10.33.140.104/389 duration 0:02:01 bytes 384
  6
  Oct 30 2013
  10:18:10
  IPSEC: An inbound remote access SA (SPI= 0x5650EE30) between 75.12.34.56 and 80.21.182.245 (user= jpk789) has been deleted.
  6
  Oct 30 2013
  10:18:10
  IPSEC: An outbound remote access SA (SPI= 0x42DBDD66) between 80.21.182.245 and 75.12.34.56 (user= jpk789) has been deleted.
  6
  Oct 30 2013
  10:18:10
  Group User IP <75.12.34.56> AnyConnect session lost connection. Waiting to resume.
  5
  Oct 30 2013
  10:18:10
  Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 SA DOWN. Reason: peer lost
  6
  Oct 30 2013
  10:17:42
  172.16.12.17
  64250
  10.5.141.186
  445
  Teardown TCP connection 123671908 for outside:172.16.12.17/64250(LOCAL\jpk789) to inside:10.5.141.186/445 duration 0:00:57 bytes 454851 TCP Reset-I
  6
  Oct 30 2013
  10:17:20
  172.16.12.17
  137
  172.16.13.255
  137
  Teardown UDP connection 123673268 for outside:172.16.12.17/137(LOCAL\jpk789) to outside:172.16.13.255/137 duration 0:00:00 bytes 0
  6
  Oct 30 2013
  10:17:19
  172.16.12.17
  137
  172.16.13.255
  137
  Teardown UDP connection 123673244 for outside:172.16.12.17/137(LOCAL\jpk789) to outside:172.16.13.255/137 duration 0:00:00 bytes 0
  6
  Oct 30 2013
  10:17:18
  172.16.12.17
  137
  172.16.13.255
  137
  Teardown UDP connection 123673218 for outside:172.16.12.17/137(LOCAL\jpk789) to outside:172.16.13.255/137 duration 0:00:00 bytes 0
  6
  Oct 30 2013
  10:16:36
  172.16.12.17
  63060
  10.5.141.155
  53
  Built inbound UDP connection 123671551 for outside:172.16.12.17/63060 (172.16.12.17/63060)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53)
  6
  Oct 30 2013
  10:16:36
  172.16.12.17
  63010
  10.5.12.182
  88
  Built inbound TCP connection 123671549 for outside:172.16.12.17/63010 (172.16.12.17/63010)(LOCAL\jpk789) to inside:10.5.12.182/88 (10.5.12.182/88)
  6
  Oct 30 2013
  10:16:36
  172.16.12.17
  63009
  10.5.12.182
  88
  Built inbound TCP connection 123671548 for outside:172.16.12.17/63009 (172.16.12.17/63009)(LOCAL\jpk789) to inside:10.5.12.182/88 (10.5.12.182/88)
  6
  Oct 30 2013
  10:16:36
  172.16.12.17
  63008
  10.5.141.156
  389
  Built inbound TCP connection 123671546 for outside:172.16.12.17/63008 (172.16.12.17/63008)(LOCAL\jpk789) to inside:10.5.141.156/389 (10.5.141.156/389)
  6
  Oct 30 2013
  10:16:36
  172.16.12.17
  50615
  10.5.12.179
  389
  Built inbound UDP connection 123671545 for outside:172.16.12.17/50615 (172.16.12.17/50615)(LOCAL\jpk789) to inside:10.5.12.179/389 (10.5.12.179/389)
  6
  Oct 30 2013
  10:16:36
  172.16.12.17
  63007
  10.5.12.182
  88
  Built inbound TCP connection 123671544 for outside:172.16.12.17/63007 (172.16.12.17/63007)(LOCAL\jpk789) to inside:10.5.12.182/88 (10.5.12.182/88)
  6
  Oct 30 2013
  10:16:36
  172.16.12.17
  55425
  10.5.141.155
  53
  Teardown UDP connection 123671487 for outside:172.16.12.17/55425(LOCAL\jpk789) to inside:10.5.141.155/53 duration 0:00:00 bytes 164
  6
  Oct 30 2013
  10:16:36
  172.16.12.17
  50614
  10.5.141.155
  53
  Built inbound UDP connection 123671543 for outside:172.16.12.17/50614 (172.16.12.17/50614)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53)
  6
  Oct 30 2013
  10:16:35
  172.16.12.17
  56263
  10.5.141.156
  53
  Built inbound UDP connection 123671461 for outside:172.16.12.17/56263 (172.16.12.17/56263)(LOCAL\jpk789) to inside:10.5.141.156/53 (10.5.141.156/53)
  6
  Oct 30 2013
  10:16:35
  172.16.12.17
  60708
  10.5.141.155
  53
  Built inbound UDP connection 123671460 for outside:172.16.12.17/60708 (172.16.12.17/60708)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53)
  6
  Oct 30 2013
  10:16:35
  172.16.12.17
  56982
  10.5.141.156
  53
  Built inbound UDP connection 123671459 for outside:172.16.12.17/56982 (172.16.12.17/56982)(LOCAL\jpk789) to inside:10.5.141.156/53 (10.5.141.156/53)
  6
  Oct 30 2013
  10:16:35
  172.16.12.17
  64548
  10.5.141.155
  53
  Built inbound UDP connection 123671458 for outside:172.16.12.17/64548 (172.16.12.17/64548)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53)
  6
  Oct 30 2013
  10:16:35
  172.16.12.17
  60827
  10.5.141.156
  53
  Built inbound UDP connection 123671457 for outside:172.16.12.17/60827 (172.16.12.17/60827)(LOCAL\jpk789) to inside:10.5.141.156/53 (10.5.141.156/53)
  6
  Oct 30 2013
  10:16:35
  172.16.12.17
  64207
  10.5.141.155
  53
  Built inbound UDP connection 123671453 for outside:172.16.12.17/64207 (172.16.12.17/64207)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53)
  6
  Oct 30 2013
  10:16:35
  172.16.12.17
  137
  172.16.13.255
  137
  Teardown UDP connection 123671443 for outside:172.16.12.17/137(LOCAL\jpk789) to outside:172.16.13.255/137 duration 0:00:00 bytes 0
  6
  Oct 30 2013
  10:16:35
  172.16.12.17
  137
  172.16.13.255
  137
  Teardown UDP connection 123671442 for outside:172.16.12.17/137(LOCAL\jpk789) to outside:172.16.13.255/137 duration 0:00:00 bytes 0
  6
  Oct 30 2013
  10:16:35
  172.16.12.17
  137
  172.16.13.255
  137
  Teardown UDP connection 123671441 for outside:172.16.12.17/137(LOCAL\jpk789) to outside:172.16.13.255/137 duration 0:00:00 bytes 0
  6
  Oct 30 2013
  10:16:34
  IPSEC: An inbound remote access SA (SPI= 0x5650EE30) between 80.21.182.245 and 75.12.34.56 (user= jpk789) has been created.
  6
  Oct 30 2013
  10:16:34
  IPSEC: An outbound remote access SA (SPI= 0x42DBDD66) between 80.21.182.245 and 75.12.34.56 (user= jpk789) has been created.
  5
  Oct 30 2013
  10:16:34
  Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 SA UP. Reason: New Connection Established
  4
  Oct 30 2013
  10:16:34
  Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x7041 could not be processed. Error: Unknown/Unsupported Attribute
  4
  Oct 30 2013
  10:16:34
  Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x7040 could not be processed. Error: Unknown/Unsupported Attribute
  4
  Oct 30 2013
  10:16:34
  Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x703f could not be processed. Error: Unknown/Unsupported Attribute
  4
  Oct 30 2013
  10:16:34
  Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x703e could not be processed. Error: Unknown/Unsupported Attribute
  4
  Oct 30 2013
  10:16:34
  Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x703d could not be processed. Error: Unknown/Unsupported Attribute
  4
  Oct 30 2013
  10:16:34
  Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x703c could not be processed. Error: Unknown/Unsupported Attribute
  4
  Oct 30 2013
  10:16:34
  Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x703b could not be processed. Error: Unknown/Unsupported Attribute
  6
  Oct 30 2013
  10:16:34
  Group User IP <75.12.34.56> AnyConnect parent session started.
  6
  Oct 30 2013
  10:16:34
  DAP: User jpk789, Addr 75.12.34.56, Connection AnyConnect: The following DAP records were selected for this connection: ContosoPolicy
  6
  Oct 30 2013
  10:16:34
  AAA transaction status ACCEPT : user = jpk789
  6
  Oct 30 2013
  10:16:34
  AAA retrieved default group policy (DfltGrpPolicy) for user = jpk789
  6
  Oct 30 2013
  10:16:34
  AAA retrieved user specific group policy (useGroup1s.Grp) for user = jpk789
  6
  Oct 30 2013
  10:16:34
  AAA group policy for user jpk789 is being set to useGroup1s.Grp;
  6
  Oct 30 2013
  10:16:34
  AAA user authentication Successful : server = 192.168.7.4 : user = jpk789

• IOS WebVPN AnyConnect keeps reconnecting

  Hi
  AnyConnect 3.1.05152 and 3.1.04063 reconnects about every minute on Windows 7 x64 and Windows 8.1 x32. This issue happens whether I'm connected via cable or wireless. Sometimes I see strange messages on the routers console depending on the client I use:
  169BEE80: 16030300 89010000 85030352 BD99CFBD  ...........R=.O=169BEE90: DBFF9A0E BFC9ADB6 8F77265E 80728829  [...?I-6.w&^.r.)169BEEA0: 42F01ED7 6999F45E 0CDCB800 0026003C  Bp.Wi.t^.\8..&.<..
  Gateway: Cisco 897VAW router, Cisco IOS Software, C800 Software (C800-UNIVERSALK9-M), Version 15.4(1)T, RELEASE SOFTWARE (fc2). The problem also exists in with 15.3.3M1.
  For troubleshooting purposes I connected the router and the client on the same subnet. On the client I'm pinging a loopback address of the router.
  Message history in AnyConnect:
  [12/27/13 16:33:21] Establishing VPN...[27.12.2013 16:33:21] Connected to 192.168.x.y.[27.12.2013 16:33:50] Reconnecting to 192.168.x.y...[27.12.2013 16:33:50] Connected to 192.168.x.y.[27.12.2013 16:34:20] Reconnecting to 192.168.x.y...[27.12.2013 16:34:22] Connected to 192.168.x.y.[27.12.2013 16:34:52] Reconnecting to 192.168.x.y...[27.12.2013 16:34:56] Connected to 192.168.x.y.[27.12.2013 16:35:26] Reconnecting to 192.168.x.y...[27.12.2013 16:35:43] Establishing VPN - Examining system...[27.12.2013 16:35:43] Establishing VPN - Activating VPN adapter...[27.12.2013 16:35:43] Establishing VPN - Configuring system...[27.12.2013 16:35:44] Establishing VPN...[27.12.2013 16:35:44] Connected to 192.168.x.y.[27.12.2013 16:36:13] Reconnecting to 192.168.x.y...[27.12.2013 16:36:13] Connected to 192.168.x.y.[27.12.2013 16:36:43] Reconnecting to 192.168.x.y...[27.12.2013 16:36:45] Connected to 192.168.x.y.[27.12.2013 16:37:15] Reconnecting to 192.168.x.y...[27.12.2013 16:37:20] Connected to 192.168.x.y.[27.12.2013 16:37:49] Reconnecting to 192.168.x.y...[27.12.2013 16:38:06] Establishing VPN - Examining system...[27.12.2013 16:38:06] Establishing VPN - Activating VPN adapter...[27.12.2013 16:38:06] Establishing VPN - Configuring system...[27.12.2013 16:38:07] Establishing VPN...[27.12.2013 16:38:07] Connected to 192.168.x.y.[27.12.2013 16:38:36] Reconnecting to 192.168.x.y...[27.12.2013 16:38:36] Connected to 192.168.x.y.[27.12.2013 16:39:06] Reconnecting to 192.168.x.y...[27.12.2013 16:39:08] Connected to 192.168.x.y.[27.12.2013 16:39:38] Reconnecting to 192.168.x.y...[...]
  Messages found via DART:
  Date        : 12/27/2013Time        : 16:33:50Type        : ErrorSource      : acvpnagentDescription : Function: CTlsTunnelMgr::OnTunnelReadCompleteFile: .\TlsTunnelMgr.cppLine: 1690Invoked Function: CTunnelStateMgr::readTunnelReturn Code: -31588336 (0xFE1E0010)Description: SOCKETTRANSPORT_ERROR_TRANSPORT_SHUTDOWN:The socket was shutdown by the operating system or a remote peer.callback******************************************Date        : 12/27/2013Time        : 16:33:50Type        : WarningSource      : acvpnagentDescription : Tunnel level reconnect reason code 6:Disruption of the VPN connection to the secure gateway.Caching the default reconnect reason for SSL******************************************Date        : 12/27/2013Time        : 16:33:50Type        : InformationSource      : acvpnagentDescription : The Primary SSL connection to the secure gateway is being re-established.******************************************Date        : 12/27/2013Time        : 16:33:50Type        : InformationSource      : acvpnagentDescription : The VPN client has sent the following close message to the gateway:Reconnecting to recover from error.******************************************Date        : 12/27/2013Time        : 16:33:50Type        : WarningSource      : acvpnagentDescription : A SSL Alert was sent by the client during a write operation.  Severity: warning Description: close notify
  Example session on router:
  show webvpn session user xy context all detailSession Type      : Full TunnelClient User-Agent : AnyConnect Windows 3.1.04063Username          : xy                   Num Connection : 1Public IP         : 192.168.x.x          VRF Name       : NoneContext           : PLUTO                Policy Group   : VPN-POLICYLast-Used         : 00:00:00             Created        : 16:10:49.136 UTC Fri Dec 27 2013Session Timeout   : Disabled             Idle Timeout   : 2100DPD GW Timeout    : 300                  DPD CL Timeout : 300Address Pool      : webvpn-pool          MTU Size       : 1399Rekey Time        : 3600                 Rekey Method   :Lease Duration    : 43200Tunnel IP         : 192.168.30.14        Netmask        : 255.255.255.0Tunnel-mode filte : VPN-ACLRx IP Packets     : 85                   Tx IP Packets  : 175CSTP Started      : 00:00:04             Last-Received  : 00:00:00CSTP DPD-Req sent : 0                    Virtual Access : 1Msie-ProxyServer  : None                 Msie-PxyPolicy : DisabledMsie-Exception    :Split Include     : 192.168.34.0 255.255.255.0                    192.168.30.0 255.255.255.0Client Ports      : 49390
  Relevant router configuration:
  aaa new-modelaaa authentication login WEBVPN local-caseusername xy@domain ...crypto vpn anyconnect flash:/webvpn/anyconnect-win-3.1.04063-k9.pkg sequence 1webvpn gateway STARGATE ip interface Vlan1 port 443 ssl encryption aes256-sha1 rsa-dhe-aes128-sha1 rsa-dhe-aes256-sha1 ssl trustpoint webvpn inservice !webvpn context PLUTO[...] acl "VPN-ACL"   permit ip 192.168.30.0 255.255.255.0 ... ! acl "DENY-ACL"   deny ip any any aaa authentication list WEBVPN aaa authentication domain @domain gateway STARGATE max-users 5 ! ssl authenticate verify all ! inservice ! policy group VPN-POLICY   acl "DENY-ACL"   functions svc-enabled   functions svc-required   filter tunnel VPN-ACL   svc address-pool "webvpn-pool" netmask 255.255.255.255   svc split include 192.168.34.0 255.255.255.0   svc split include 192.168.30.0 255.255.255.0 default-group-policy VPN-POLICY
  I've already tried to use rc4-md5 as SSL encryption in the gateway, but it didn't solve the problem.
  How can I fix this problem?

  Hi !
  I have exactly same error ! AnyConnect session is reconnecting every 30 seconds, when CSTP timer reaches 29 seconds.
  Router#sh webvpn session user USER context all
  Session Type : Clientless
  Client User-Agent : AnyConnect Windows 4.0.00048
  Username : USER Num Connection : 0
  Public IP : 10.10.10.10 VRF Name : None
  Context : VPN Policy Group : POLICY
  Last-Used : 00:28:07 Created : 20:49:47.999 MSK Mon Apr 6 2015
  Session Timeout : Disabled Idle Timeout : 2100
  DNS primary serve : 1.1.1.1
  DNS secondary ser : 1.1.1.2
  Citrix : Disabled Citrix Filter : None
  Capabilites :
  Session Type : Full Tunnel
  Client User-Agent : AnyConnect Windows 4.0.00048
  Username : USER Num Connection : 1
  Public IP : 10.10.10.10 VRF Name : None
  Context : VPN Policy Group : POLICY
  Last-Used : 00:00:00 Created : 20:57:04.657 MSK Mon Apr 6 2015
  Session Timeout : Disabled Idle Timeout : 2100
  DNS primary serve : 1.1.1.1
  DNS secondary ser : 1.1.1.2
  DPD GW Timeout : 300 DPD CL Timeout : 300
  Address Pool : RemoteAdminsPool MTU Size : 1199
  Rekey Time : 3600 Rekey Method :
  Lease Duration : 43200
  Tunnel IP : 100.100.100.2 Netmask : 255.255.255.0
  Rx IP Packets : 1329 Tx IP Packets : 2023
  CSTP Started : 00:00:29 Last-Received : 00:00:00
  CSTP DPD-Req sent : 0 Virtual Access : 4
  Msie-ProxyServer : None Msie-PxyPolicy : Disabled
  Msie-Exception :
  Split Include : ACL ACL_1
  Client Ports : 31054
  Next sh webvpn session output looks like:
  Router#sh webvpn session user USER context all
  Session Type : Clientless
  Client User-Agent : AnyConnect Windows 4.0.00048
  Username : USER Num Connection : 0
  Public IP : 10.10.10.10 VRF Name : None
  Context : VPN Policy Group : POLICY
  Last-Used : 00:36:22 Created : 20:49:47.999 MSK Mon Apr 6 2015
  Session Timeout : Disabled Idle Timeout : 2100
  DNS primary serve : 1.1.1.1
  DNS secondary ser : 1.1.1.2
  Citrix : Disabled Citrix Filter : None
  Capabilites :
  Session Type : Clientless
  Client User-Agent : AnyConnect Windows 4.0.00048
  Username : USER Num Connection : 0
  Public IP : 10.10.10.10 VRF Name : None
  Context : VPN Policy Group : POLICY
  Last-Used : 00:00:00 Created : 21:25:41.482 MSK Mon Apr 6 2015
  Session Timeout : Disabled Idle Timeout : 2100
  DNS primary serve : 1.1.1.1
  DNS secondary ser : 1.1.1.2
  Citrix : Disabled Citrix Filter : None
  Capabilites : svc-required
  svc-enabled
  So my FullTunnel session change to Clientless after 30 seconds, and back to FullTunnel. CSTP timer reaches 29 seconds and all repeats.

• OS X 10.8.3 AnyConnect 2.5.3054 Network Access Unavailable

  I am trying to connect using:
  AnyConnect 2.5.3054
  on Mac OS X 10.8.3
  MacPro
  via Wifi AirPort on en2
  I have just installed AnyConnect. When I start it up I get the following message in the AnyConnect window: "Network Access:  Unavailable - No Networks Detected"
  If I try to connect a dropdown window appears saying "Warning: The follwing Certificate received from the Server could not be verified" with some other metadata I cannot share.
  It then provides me with a username and password fields. After succesfully entering them, it tries to connect and then a dropdown message window appears stating "AnyConnect was not able to estabmish a connection to the specified secure gateway. Please try connecting again."
  I can connect using my MacBook Pro using the OS and version of AnyConnect. The difference seems to be the machine type.
  I saw the post about 10.6.8 and not using Back-To-My-Mac on MobileMe. I am using iCloud, but Back-To-My-Mac has never been enabled.
  Note: I do have network access on the MacPro. That is I can connect via web and email, etc.

  Ari,
  10.8 Mac support has been only added in Anyconnect 3.1.
  Compare:
  http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect31/release/notes/anyconnect31rn.html#wp1067508
  to:
  http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect30/release/notes/anyconnect30rn.html#wp1578101
  and
  http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect25/release/notes/anyconnect25rn.html#wp1068230
  M.

• AnyConnect: How do I safely use it for two separate VPN accounts?

  appreciate advice
  Already have Cisco AnyConnect installed  on my MacBookPRO and configured to access my workstation in my office.
  Another organization wants me to use a VPN to its database. The IT guy from the second organization provided a  URL from the organization to install Cisco AnyConnect  for the organization's VPN>
  I am afraid to allow this second install of Cisco AnyConnect
  Will it overwrite the setting , setup for my employment related connection?
  AnyConnect ,when I launch it shows the vpn address for my employer.
  If have not found anywhere in the preferences where I could list a second vpn address.
  I made a copy of the Cisco AnyConnect application I have installed on my Mac .
  But when I launch it, my work related VPN address shows up so clearly there is one preference somewhere in my system library to which all copies of AnyConnect will connect.
  I erased my work vpn address from the address window  in the AnyConnect window.
  Typed in the VPN address for the second organization and logged ( although I did not connect to the  new VPN)
  When I quit Cisco and logged in again, my employment related VPN showed up in the window but I had to to click to agree to the Certificate- something I have not had do do when I only used one VPN addrsss.
  So, what do i do so that Cisco will let me, at separate times, log into both VPN addresses without messing up my access?

  Thank you But since the second VPN certificate is loaded in VPN 3, I do
  not connect via the VPN 2 version ( Any/Connect) which I have installed
  on my computer
  I tried doing what you describe and the software keeps trying to connect
  and never establishes that Connection is successful
  Sincerely
  Barbara P
  Barbara N. Passman LCSW, ACSW
  Senior Social Worker
  Outpatient Adult Services
  University of Chicago Medical Center
  Office 773 702 1810 Facsiimile 773 702 9630
  Pager 7619 External Page 773 215 6093
  P Please consider the environment before printing this e-mail.

• AnyConnect failing to auto-update upon connecting, requires a re-install

  We recently upgraded our 5510 at one of our clients to ASA software version 9.1(5), and after that was up and running and stable, we decided to upload the newest AnyConnect package files to the firewall for VPN users to get updated to the latest version.  
  The VPN connection is setup with radius authentication, and it has been working perfectly for a few weeks now.  But just to add, when we had 8.2(5) software on the ASA and would put newer versions of the web deployment package on the ASA, clients trying to connect via VPN would auto-update without a problem.  Same with Mac's.
  So with the new software on the ASA, I ran a test from my home office, I uninstalled AnyConnect and installed an older version, 2.5.x.  I then tried to connect via VPN with the thought that it would automatically update my VPN client to the version of the client on the ASA which is 3.1.05178.  I watched it connect, ask for my active directory credentials, it would connect, then check for updates, and then say it was downloading an update.  Shortly after, AnyConnect popped up a window saying "The VPN Client Agent was unable to create the interprocess communication depot." and I have to click Ok.  Basically what happens here - http://www.itsystemadmin.com/the-vpn-client-agent-was-unable-to-create-interprocess/  but I do not have ICS turned on on the network adapter or any of my network adapters.
  After clicking ok, it shows me the AnyConnect window, but the program is now partially non-functional, it is there, but the connection address is gone and if I enter it and click "Connect" it gives me an error immediately.  
  What I then have to do is go onto the ASA, remove that newer package and upload an older one.  Then I re-install the VPN agent on my computer and re-connect, it doesn't find any update because I'm now running a newer version on my computer than the one that is on the ASA, and it connects fine.
  I've tested this with a few employee laptops and they experience the same thing.  I'm not sure if there is something that isn't compatible between this latest ASA software and the 5510, or what the issue is.  I have tried putting slightly older versions of the web deployment package on the ASA and I still get the same problem.  The problem is when the client computer is running an older version of AnyConnect and the ASA has a newer version, it fails upon initial connection and ruins the AnyConnect program and it has to be re-installed.

  Feel lucky.  Lot of people are having wifi problems with 8.x.
  You should try to update from iTunes.  iTunes requires less space on your machine for the update.
  Robert

• SSL VPN - Bypass DefaultWEBVPNGroup

  Hi All,
  I'm using the default tunnel-group and group-policy for my general user community. I want to apply a filter for that group, and have a special use case for another group that bypasses the filter. My goal: for people hitting the "RAS_Engineering" group policy, I want to bypass the filter applied to "DfltGrpPolicy"
  Is there a way for me to configure the group-policy so that it doesn't pick up the default settings? Here's what I have (some output omitted to reduce lines):
  #  sh vpn-session detail svc filter name amy.eryilmaz
  Session Type: SVC Detailed
  Username     : amy.eryilmaz           Index        : 13568
  Assigned IP  : my.vpn.assigned.ip          Public IP    : my.pub.lic.ip
  Group Policy : RAS_Engineering        Tunnel Group : DefaultWEBVPNGroup
  Clientless Tunnels: 1
  SSL-Tunnel Tunnels: 1
  Clientless:
    Tunnel ID    : 13568.1
    Public IP    : my.pub.lic.ip
    Auth Mode    : userPassword
    Idle Time Out: 30 Minutes             Idle TO Left : 29 Minutes
    Client Type  : Web Browser
    Client Ver   : AnyConnect Windows 2.5.3046
    Bytes Tx     : 11456                  Bytes Rx     : 3986
  SSL-Tunnel:
    Tunnel ID    : 13568.2
    Assigned IP  : my.vpn.assigned.ip          Public IP    : my.pub.lic.ip
    Client Type  : SSL VPN Client
    Client Ver   : Cisco AnyConnect VPN Agent for Windows 2.5.3046
    Filter Name  : default-vpn-filter
  group-policy DfltGrpPolicy attributes
  wins-server value xx.xx.xx.xx
  dns-server value xx.xx.xx.xx
  dhcp-network-scope xx.xx.xx.xx
  vpn-filter value default-vpn-filter
  vpn-tunnel-protocol IPSec l2tp-ipsec svc webvpn
  default-domain value mydomain.com
  webvpn
    svc ask none default svc
  group-policy RAS_Engineering internal
  group-policy RAS_Engineering attributes
  wins-server value xx.xx.xx.xx
  dns-server value xx.xx.xx.xx
  dhcp-network-scope xx.xx.xx.xx
  vpn-tunnel-protocol l2tp-ipsec svc
  webvpn
    svc ask none default svc
  # sh run all tunnel-group DefaultWEBVPNGroup
  tunnel-group DefaultWEBVPNGroup type remote-access
  tunnel-group DefaultWEBVPNGroup general-attributes
  no address-pool
  no ipv6-address-pool
  authentication-server-group my_radius
  secondary-authentication-server-group none
  no accounting-server-group
  default-group-policy DfltGrpPolicy
  dhcp-server xx.xx.xx.xx
  no strip-realm
  no password-management
  no override-account-disable
  no strip-group
  no authorization-required
  username-from-certificate CN OU
  secondary-username-from-certificate CN OU
  authentication-attr-from-server primary
  authenticated-session-username primary
  tunnel-group DefaultWEBVPNGroup webvpn-attributes
  customization myCustom
  authentication aaa
  no override-svc-download
  no radius-reject-message
  no proxy-auth sdi
  no pre-fill-username ssl-client
  no pre-fill-username clientless
  no secondary-pre-fill-username ssl-client
  no secondary-pre-fill-username clientless
  dns-group DefaultDNS
  no without-csd
  tunnel-group DefaultWEBVPNGroup ipsec-attributes
  no pre-shared-key
  peer-id-validate req
  no chain
  no trust-point
  isakmp keepalive threshold 300 retry 2
  no radius-sdi-xauth
  isakmp ikev1-user-authentication xauth

  Hi,
  By default you will inherit any implicit values from the default group policy.
  To stop inheriting the "vpn-filter" please do:
  group-policy RAS_Engineering attributes
       vpn-filter none
  The same applies for any other feature within the group-policy, make sure you explicitly define every parameter according to the specific requirements.
  Thanks.
  Portu.
  Please rate any helpful posts.

• Lots of Anyconnect Error Message in Windows Event Log

  Hi Community.
  We have lots of Anyconnect Error Messages in the Windows Event Log. Following two examples.
  Can anyone tell me why these errors appears and how do I fix them ? I already installed the newest Anyconnect on my machine.
  Thanks in advance and Kind Regards Patrick
  Example 1
    <Provider Name="acvpnagent" />
    <EventID Qualifiers="9216">2</EventID>
    <Keywords>0x80000000000000</Keywords>
    <EventRecordID>97564</EventRecordID>
    <Channel>Cisco AnyConnect Secure Mobility Client</Channel>
  - <EventData>
    <Data>Function: CNetEnvironment::logProbeFailure File: .\NetEnvironment.cpp Line: 1432 Invoked Function: CHttpProbeAsync::SendProbe Return Code: -27066354 (0xFE63000E) Description: HTTP_PROBE_ASYNC_ERROR_CANNOT_CONNECT HTTP (host: 109.164.211.237)</Data>
    </EventData>
  Example 2
    <Provider Name="acvpnagent" />
    <EventID Qualifiers="9216">2</EventID>
    <Keywords>0x80000000000000</Keywords>
    <EventRecordID>97565</EventRecordID>
    <Channel>Cisco AnyConnect Secure Mobility Client</Channel>
  - <EventData>
    <Data>Function: CNetEnvironment::TestAccessToSG File: .\NetEnvironment.cpp Line: 1385 Invoked Function: CNetEnvironment::analyzeHttpResponse Return Code: -28966899 (0xFE46000D) Description: NETENVIRONMENT_ERROR_PROBE_INCOMPLETE:Network Probe could not contact target</Data>
    </EventData>

  HI and welcome to Discussions,
  in my personal opinion there is not much for you to worry about.
  The 'Windows Tool for the elimination of malware' is nothing you miss as long as you have a decent Anti-Virus Software running.
  The update for the IE 7 might be missing an installed IE 7, which can do by downloading it yourself from Microsofts webpage.
  If you don't use the IE but something like Firefox or Opera or Safari, than don't bother with these update.
  Stefan

• No Audio on either end Cisco Jabber for Windows over Cisco AnyConnect

  Our telephony staff is replacing our aging/unsupported VoIP system with a Cisco system and as the network tech, I'm trying to get Jabber for Windows to work over our AnyConnect VPN client.  Jabber to Cisco phone and Jabber to Jabber calls work fine within our LAN.  
  However, when I take a laptop to a separate internet connection and connect to the network via the VPN, I can't get any audio to pass across the system, in either direction.  If I call a phone on our LAN using the Jabber client (via AnyConnect), the phone rings and when I answer it, it's just dead air on both ends.  If I reverse the process, calling from the phone to the Jabber client, the same thing, Jabber client rings, but dead air both ways once I answer.  
  Things I can do from the laptop over the VPN connection:
  I'm able to get to the phone's web interface using that same laptop.
  I can ping the phone as well.  In fact, the VPN profile I'm using has full access to the entire VoIP Vlan including all IP traffic (all ~65,000 ports).
  Searching the address book also works fine.  I can search for staff and it's pulling directly from our Active Directory environment.
  Is there any special settings on the firewall that I need to setup to allow the voice traffic (which I assume is RTP traffic)?  I tried to add a service policy for RTP traffic, but that didn't seem to work...unless I built it wrong.
  Jabber for Windows - 10.6.0
  Cisco Anyconnect - 3.1.06079
  Cisco 5515-x ASA - 9.2

  I was able to resolve this on my own.  I thought that SIP traffic needed to be inspected via the global inspection policy in order for it to pass through the firewall. I ran into the same issue with ICMP traffic from an Anyconnect client to LAN devices. I had to enable ICMP in that policy for us to be able to ping LAN devices over the VPN tunnel. So when I saw that SIP was already being inspected by this policy, I moved on looking for other solutions. Then I stumbled deep within a Google search (almost hit the end of the Internet doing so) where someone mentioned that SIP shouldn’t be inspected by that policy. So I unchecked it and bam! Voice is now working over the anyconnect client to phones on the LAN. 

• Works windows mobile with SSL VPN and anyconnect

  Hello,
  do anyone know if the following OS works with ASA 8.x SSL VPN client ,SSL clientless VPN and anyconnect client and Secure Desktop :
  windows mobile 5.0 Premium phone edition
  windows mobile 6.0
  windows embedded CE,Net
  windows mobile 2003
  Thank you for your help
  Michael

  [url=http://fztodds.24fast.info/washington225.html] washington [/url]
  [url=http://fztodds.24fast.info/washington16e.html] washington [/url]
  [url=http://fztodds.24fast.info/washingtond66.html] washington [/url]
  [url=http://fztodds.24fast.info/washington4e0.html] washington [/url]
  [url=http://fztodds.24fast.info/washington00b.html] washington [/url]
  [url=http://fztodds.24fast.info/washington1e7.html] washington [/url]
  [url=http://ioinlfu.zotzoo.com/washington0a8.html] washington [/url]
  [url=http://ioinlfu.zotzoo.com/washington9de.html] washington [/url]
  [url=http://ioinlfu.zotzoo.com/washingtone4a.html] washington [/url]
  [url=http://ioinlfu.zotzoo.com/washington4ec.html] washington [/url]
  [url=http://ioinlfu.zotzoo.com/washington184.html] washington [/url]
  [url=http://ioinlfu.zotzoo.com/washingtonb73.html] washington [/url]
  [url=http://ioinlfu.zotzoo.com/washington853.html] washington [/url]
  [url=http://ygkbfvp.wipou.com/washington1a5.html] washington [/url]
  [url=http://ygkbfvp.wipou.com/washingtonde7.html] washington [/url]
  [url=http://ygkbfvp.wipou.com/washington2b8.html] washington [/url]
  [url=http://ygkbfvp.wipou.com/washington902.html] washington [/url]
  [url=http://ygkbfvp.wipou.com/washingtonc99.html] washington [/url]
  [url=http://ygkbfvp.wipou.com/washingtoncc7.html] washington [/url]
  [url=http://ygkbfvp.wipou.com/washington598.html] washington [/url]
  [url=http://yfldvbz.webheri.net/washingtonbe2.html] washington [/url]
  [url=http://yfldvbz.webheri.net/washingtone9b.html] washington [/url]
  [url=http://yfldvbz.webheri.net/washington4e0.html] washington [/url]
  [url=http://yfldvbz.webheri.net/washington327.html] washington [/url]
  [url=http://yfldvbz.webheri.net/washingtonada.html] washington [/url]
  [url=http://yfldvbz.webheri.net/washingtond2b.html] washington [/url]
  [url=http://yfldvbz.webheri.net/washington317.html] washington [/url]
  [url=http://odwjneh.yourfreehosting.net/washington7cb.html] washington [/url]
  [url=http://odwjneh.yourfreehosting.net/washingtoneaf.html] washington [/url]
  [url=http://odwjneh.yourfreehosting.net/washington259.html] washington [/url]
  [url=http://odwjneh.yourfreehosting.net/washington8e0.html] washington [/url]
  [url=http://odwjneh.yourfreehosting.net/washingtonc03.html] washington [/url]
  [url=http://odwjneh.yourfreehosting.net/washington092.html] washington [/url]
  [url=http://odwjneh.yourfreehosting.net/washington79c.html] washington [/url]
  [url=http://aeaukol.rack111.com/washington766.html] washington [/url]
  [url=http://aeaukol.rack111.com/washingtona2e.html] washington [/url]
  [url=http://aeaukol.rack111.com/washington4c4.html] washington [/url]
  [url=http://aeaukol.rack111.com/washingtonb9f.html] washington [/url]
  [url=http://aeaukol.rack111.com/washingtond3a.html] washington [/url]
  [url=http://aeaukol.rack111.com/washington54a.html] washington [/url]
  [url=http://aeaukol.rack111.com/washington777.html] washington [/url]
  [url=http://uhbayoe.hostrator.com/washington300.html] washington [/url]
  [url=http://uhbayoe.hostrator.com/washington239.html] washington [/url]
  [url=http://uhbayoe.hostrator.com/washington7b4.html] washington [/url]
  [url=http://uhbayoe.hostrator.com/washingtonad5.html] washington [/url]
  [url=http://uhbayoe.hostrator.com/washingtone03.html] washington [/url]
  [url=http://uhbayoe.hostrator.com/washington399.html] washington [/url]
  [url=http://uhbayoe.hostrator.com/washington9e9.html] washington [/url]
  [url=http://ggaubio.hostevo.com/washington878.html] washington [/url]
  [url=http://ggaubio.hostevo.com/washington525.html] washington [/url]

• AnyConnect and Windows 8.1 Update issue

  I have an ISA550W deployed at our office locations. For remote access I am testing AnyConnect v3.1.05187. The laptops I'm testing on have Windows 8.1 Pro Update with all of the latest patches as of this post.
  I read the release notes and as a consequence made sure WinPcap is not installed and the service non-existent.
  I have run the MicrosoftFixit25005.
  When I installed AnyConnect I unchecked the options for "Diagnostic and Reporting Tool", "Network Access Manager", & "Web Security".
  Here is the problem; upon initial install it works flawlessly even without a reboot after running the installer. BUT if the OS is rebooted, it gives the following error: "The service provider in your current location is restricting access to the internet. You need to log on with the service provider before you can establish a VPN session. You can try this by visiting any website with your browser."
  Bollox! lol.
  Now I can confirm that sometimes it takes a couple reboots or even until the next day for it to be broken. But all I have to do is uninstall everything, reinstall it and it works, all with no reboot after uninstall or reinstall.
  So why does this thing just decide to break its self?

  Anyone have any ideas? This is a major pain to everyone in our company that works remotely.
  Perhaps someone could even just walk me thru how to produce a log to post here that may help, although I doubt it since I can't predict on which reboot it will break.
  Surely someone else has had this issue or there is a known resolution for it? Please help!
  Thanks! Alex

• Windows 8.1 Preview not working with AnyConnect Client

  I had Windows 8 and was running Cisco AnyConnect client 3.0.10055 perfectly.
  I upgraded to the Windows 8.1 preview and it tries to download update and then it fails and disconnects with the following message:
  An unknown termination error occurred in the client.
  Tried uninstalling and reinstalling the client, no luck.
  Any ideas?
  Thanks,
  Eric

  I had the same issue with windows 8.1 x64. I believe there is an issue with the windows 8.1 update process where it fails to update some of the drivers properly. I have noticed this issue with other windows drivers after the update. Follow the steps below and you VPN should work again.
  1. Uninstall Cisco Anyconnect client.
  2. Go to Device Manager and Disable Cisco AnyConnect VPN Virtual Miniport Adapter for Windows x64
  3. Go to C:\Windows\System32 and rename vpnva64.sys to vpnva64_Old.sys.
  4. Reinstall Cisco Anyconnect client.
  5. Go to Device Manager, you see duplicated Cisco AnyConnect VPN Virtual Adapters. Uninstall one of them but do not check the option to remove the driver.
  6. Apply the registry fix in this blog: http://www.tomontech.com/2012/03/pro-tip-cisco-anyconnect-vpn-client-and-windows-8-consumer-preview/
  7. Try to connect again and your Cisco VPN should work. 

• Anyconnect secure mobility and windows 8.1 problem

  I installed the anyconnect secure mobility client 3.1.05152 version on a couple o windows 8.1 workstations
  on my home network.
  There are no restrictions from my firewall towards the outside world.
  When i try to connect for the first time i get the certificate message and the login prompt.
  After successfully entering the login details the clients connects and i get a message saying that
  the vpn clients is getting updated. After that nothing. If finally disconnects and when i try to re-establish
  a connection i get  the following message:
  "The service provider in your current location is restricting access to the internet blah blah blah..."
  That is not the case though. Osx vpn client from the same location connects successfully
  I have tried removing rebooting, reinstalling the product always with admin rights. every single time the clients connects
  the first time and ends up with the same issue.
  Anyone knows what is going on?

  Is there an older package present and set as the AnyConnect image on the ASA?
  If you could share the tunnel-group, group-policy, and any profile (xml file) from the ASA that would assist further troubleshooting.

• Windows 8 64 bit issues with Cisco AnyConnect Secure Mobility Client version 3.1.04072

  I am having an issue with the Cisco AnyConnect Secure Mobility Client version 3.1.04072 on a Windows 8 64 bit laptop.
  I am able to create the VPN connection but the connection will not allow data to be transferred.
  Stats from a manual connection:
  Cisco AnyConnect Secure Mobility Client Version 3.1.04072
  VPN Stats
      Bytes Received:  14375
      Bytes Sent:  0
      Compressed Bytes Received:  0
      Compressed Bytes Sent:  0
      Compressed Packets Received:  0
      Compressed Packets Sent:  0
      Control Bytes Received:  0
      Control Bytes Sent:  0
      Control Packets Received:  0
      Control Packets Sent:  0
      Encrypted Bytes Received:  7820
      Encrypted Bytes Sent:  1207
      Encrypted Packets Received:  9
      Encrypted Packets Sent:  3
      Inbound Bypassed Packets:  0
      Inbound Discarded Packets:  0
      Outbound Bypassed Packets:  0
      Outbound Discarded Packets:  0
      Packets Received:  4
      Packets Sent:  0
      Time Connected:  00:03:01
  Protocol Info
      Inactive Protocol
          Protocol Cipher:  RSA_3DES_168_SHA1
          Protocol Compression:  None
          Protocol State:  Disconnected
          Protocol:  DTLS
      Active Protocol
          Protocol Cipher:  RSA_3DES_168_SHA1
          Protocol Compression:  Deflate
          Protocol State:  Connected
          Protocol:  TLS
  OS Version
      Windows 8 : WinNT 6.2.9200
  Log from the data transmission software:
  24/12/2013 12:51:13 - Application version = 1.11.28.0
  24/12/2013 12:51:13 - Lodgement Library Version =  1.11.28.0
  24/12/2013 12:51:13 - Connection Method =  INTERNET
  24/12/2013 12:51:13 - DIS Connection Type = Automatic
  24/12/2013 12:51:13 - VPN Client =  ACTIVE
  24/12/2013 12:51:13 - Check Available Connections =  NOT ACTIVE
  24/12/2013 12:51:13 - Windows 8 (6.2.9200 SP )
  24/12/2013 12:51:13 - Language: English (Australia)
  24/12/2013 12:51:13 -
  24/12/2013 12:51:13 - Connected to ISP via LAN
  24/12/2013 12:51:13 - Checking for presence of VPN client.
  24/12/2013 12:51:13 - VPN client found. (C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpncli.exe)
  24/12/2013 12:51:13 - The Cisco AnyConnect Secure Mobility Client application is in use.
  24/12/2013 12:51:18 - Terminating Cisco AnyConnect Secure Mobility Client in progress ...
  24/12/2013 12:51:18 -
  24/12/2013 12:51:18 - Checking Cisco AnyConnect  version.
  24/12/2013 12:51:19 - Cisco AnyConnect Secure Mobility Client (version 3.1.04072) .
  24/12/2013 12:51:19 - Copyright (c) 2004 - 2013 Cisco Systems, Inc.  All Rights Reserved.
  24/12/2013 12:51:19 - Config file directory:C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\
  24/12/2013 12:51:19 -
  24/12/2013 12:51:19 - Loading profile:C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile\ELS-IMelAde-TCP.xml
  24/12/2013 12:51:19 -
  24/12/2013 12:51:19 - Initializing the VPN connection.
  24/12/2013 12:51:19 - Ready to connect.
  24/12/2013 12:51:19 - Ready to connect.
  24/12/2013 12:51:19 - Contacting ELS-IMelAde-TCP.
  24/12/2013 12:51:23 - Authenticating user.
  24/12/2013 12:51:23 - Connected to VPN concentrator.
  24/12/2013 12:51:23 - Establishing VPN session...
  24/12/2013 12:51:23 - Checking for profile updates...
  24/12/2013 12:51:23 - Checking for product updates...
  24/12/2013 12:51:23 - Checking for customization updates...
  24/12/2013 12:51:23 - Performing any required updates...
  24/12/2013 12:51:23 - Establishing VPN session...
  24/12/2013 12:51:23 - Establishing VPN - Initiating connection...
  24/12/2013 12:51:24 - Establishing VPN - Examining system...
  24/12/2013 12:51:24 - Establishing VPN - Activating VPN adapter...
  24/12/2013 12:51:24 - Establishing VPN - Configuring system...
  24/12/2013 12:51:24 - Establishing VPN...
  24/12/2013 12:51:24 - Connected to VPN concentrator.
  24/12/2013 12:51:24 - Connected to ELS-IMelAde-TCP.
  24/12/2013 12:51:24 - Connected to VPN concentrator.
  24/12/2013 12:51:24 - Connection to VPN client return code = 0.
  24/12/2013 12:51:24 - Connected to VPN concentrator.
  24/12/2013 12:51:24 - Connecting : Connecting to 203.202.43.2.
  24/12/2013 12:51:45 - Error in ConnectToDIS - Socket Error # 10060
  Connection timed out.
  24/12/2013 12:51:46 -
  24/12/2013 12:51:46 - Disconnecting from the VPN concentrator.
  24/12/2013 12:51:46 - Disconnect in progress, please wait...
  24/12/2013 12:51:46 - Detaching AnyConnect, please wait...
  24/12/2013 12:51:47 - Detached.
  24/12/2013 12:51:47 - Disconnected from VPN concentrator.
  24/12/2013 12:51:47 - *****************************************************
  24/12/2013 12:51:47 -               END OF LODGEMENT PROCESS
  24/12/2013 12:51:47 - *****************************************************
  Issue history:
  - Previously running Cisco VPN client on Windows 8 64 bit laptop (VPN working and able to transmit data over VPN)
  - Upgrade to Windows 8.1 stopped the VPN client working
  - Refreshed system back to Windows 8 and reinstalled all software
  - Cisco VPN client would not install on system
  - Cisco AnyConnect Secure Mobility Client installs and is able to connect to VPN host
  - Cisco AnyConnect Secure Mobility Client downloads and installs software from VPN host
  - Data transmission software returns error code #10060
  Any assistance would be greatly appreciated.

  anyone found the fix for this?