AnyConnenct Secure Mobility Client connect issue
Hello
i am getting the following message if i try to connect to the customer network via the AnyConnect VPN Client 3.1.06073:
"The VPN connection was terminated to enforce a newly determinated tunnel MTU and could not be automatically re-istablished. A new connection is necessary, which requires re-authentification."
If i try to reconnect, i am getting the same message again.
How i can fix it?
my notebook configuration:
lenovo t440s
Windows 8.1 64bit
Only Windows Firewall is active.
I can succesfully connect to the same customer network from my another notebook with Windows 7.
Thanks
Dimi
Hi,
I hope those link can help you ;)
http://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/116881-technote-anyconnect-00.html
https://supportforums.cisco.com/discussion/11159936/cisco-anyconnect-vpn-client-keeps-reconnecting
Br,
Mustapha
Similar Messages
-
AnyConnect Secure Mobility Client Connection Issue
Hello all,
I am specifically having issue of unable to connect do VPN using AnyConnect Secure Mobility Client. This issue is only happening on my Windows7 machine. All of this use to work before properly without any issue. All of sudden now I am getting below error when I initiate the AnyConnect client from last few days. The errors are as below in sequence:
1) Posture Assessment Failed: Hotscan prelogin error
2) An Error has occured while running HotScan. Please attempt to connect again
Message HIstory shows below:
Wed Feb 05 00:34:28 2014] Posture Assessment: Required for access
[Wed Feb 05 00:34:28 2014] Posture Assessment: Checking for updates...
[Wed Feb 05 00:34:30 2014] Posture Assessment: Updating...
[Wed Feb 05 00:34:32 2014] Posture Assessment: Initiating...
[Wed Feb 05 00:34:37 2014] Posture Assessment: Failed
Wed Feb 05 00:34:28 2014] Posture Assessment: Required for access
[Wed Feb 05 00:34:28 2014] Posture Assessment: Checking for updates...
[Wed Feb 05 00:34:30 2014] Posture Assessment: Updating...
[Wed Feb 05 00:34:32 2014] Posture Assessment: Initiating...
[Wed Feb 05 00:34:37 2014] Posture Assessment: Failed
Any idea whats causing this issue on my machine?
Thanks,
bwsWhat are the prelogin checks specified in your dap.xml file? Verify your client meets those checks.
-
AnyConnect Secure Mobility Client License issue
I am currently using VPN Client Cisco Anyconnect VPN Client Version
2.4.1012 for Windows 7 to connect office network. I want to buy an "
AnyConnect Secure Mobility Client License" for my Galaxy SII phone.
How should i buy it?Wow, that is new to me. Maybe try another reseller/partner as unfortunately Cisco don't sell direct to end user.
-
Auto Discover Mobile Client Connectivity issue.
I am currently working on getting mobility working for our lync environment. I have followed online articles for setting up the mobility service and while I have not got a true reverse proxy put in place yet I have a question regarding the autodiscover.
When I go to https://lyncdiscover.ourdomain.com/autodiscover/autodiscoverservice.aspx/root/sipuri=[email protected]
I get the following results
{"AccessLocation":"External","Root":{"Links":[{"href":"https:\/\/lyncfe-v01.ourdomain.local\/Autodiscover\/AutodiscoverService.svc\/root\/domain","token":"Domain"},{"href":"https:\/\/lyncfe-v01.ourdomain.local\/Autodiscover\/AutodiscoverService.svc\/root\/user","token":"User"}]}}The problem is that is our local internal URL not the external URL. I believe the setting comes from the Topology Builder under the Standard Front End Server for External web services FQDN as that is what is set there. My question is should that be changed to the FQDN of the edge server or the FQDN of the reverse proxy server? Also should that be the public ourdomain.com or remain the internal ourdomain.local?I hope this makes sense. I am just taking this piece by piece as I was hoping to get my android phone working internally on Wifi at the very least.Also for testing purposes I just pointed our firewall and setup nat from 80 -> 8080 and 443 -> 4443 to test that the external website was working and it is that is how I was able to get the auto discover information. I know this is not secure or ideal I am simply taking this one step at a time to ensure I get this working properly.Thank you for everyone's help.
KKOk update on my progress.
we updated our UCC certificate that we bought for our edge server. That certificate had the following in it
sip.ourdomain.com
webconf.ourdomain.com
we added
dialin.ourdomain.com
meet.ourdomain.com
lyncdiscover.ourdomain.com
I left the External Web Services FQDN as lyncdiscover.ourdomain.com
I then put that cert on the Reverse Proxy server. I then tested using testconnectivity.microsoft.com and the autodiscover test and everything passed. This is the good news.
Now the bad.
When I run the connectivity test if I manually select the server and put in sip.ourdomain.com and choose port 5061 the test passes but if I choose port 443 which apparently the mobile clients use as I do not see a spot to change that at it fails stating
that
The SSL certificate failed one or more certificate validation checks.
The certificate couldn't be validated because SSL negotiation wasn't successful. This could have occurred as a result of a network error or because of a problem with the certificate installation.
Elapsed Time: 192 ms.
I checked the External Cert on the edge server and sip.ourdomain.com and webconf.ourdomain.com are listed.
The Edge Pool has been configured to have SIP Access, Web Conf service and A/V service all point to sip.ourdomain.com using ports 5061, 444, 443
Can someone point to me what I have setup incorrectly?
This seems like I am very close to actually having this working. Almost like I can see the light.
Thank you,
KK -
Anyconnect Secure Mobility client 3.1.05187 external DNS issues in Windows 8.1
I am using AnyConnect Mobility client 3.1.05187 on Windows 8.1 machine and for last couple of days I am not able to connect to external sites.
There are two network adapters active:
Ethernet (IP and DNS address obtained automatically)
Cisco AnyConnect Secure Mobility Client Connection (Tunnel Mode (IPv4): Split Include)
Cisco AnyConnect Secure Mobility Client 3.1.05187 VPN Statistics Details(Thu Jan 29 12:43:45 2015)
Connection Information
Tunnel Mode (IPv4): Split Include
Tunnel Mode (IPv6): Drop All Traffic
Duration: 00:03:23
I have checked for 'do not change default gateway' setting but it's not displaying for VPN connection.
I hope someone can help me out.I'd start with installing the latest version of 3.1 and also try latest version of 3.0
Michael
Please rate all helpful posts -
Windows 8 64 bit issues with Cisco AnyConnect Secure Mobility Client version 3.1.04072
I am having an issue with the Cisco AnyConnect Secure Mobility Client version 3.1.04072 on a Windows 8 64 bit laptop.
I am able to create the VPN connection but the connection will not allow data to be transferred.
Stats from a manual connection:
Cisco AnyConnect Secure Mobility Client Version 3.1.04072
VPN Stats
Bytes Received: 14375
Bytes Sent: 0
Compressed Bytes Received: 0
Compressed Bytes Sent: 0
Compressed Packets Received: 0
Compressed Packets Sent: 0
Control Bytes Received: 0
Control Bytes Sent: 0
Control Packets Received: 0
Control Packets Sent: 0
Encrypted Bytes Received: 7820
Encrypted Bytes Sent: 1207
Encrypted Packets Received: 9
Encrypted Packets Sent: 3
Inbound Bypassed Packets: 0
Inbound Discarded Packets: 0
Outbound Bypassed Packets: 0
Outbound Discarded Packets: 0
Packets Received: 4
Packets Sent: 0
Time Connected: 00:03:01
Protocol Info
Inactive Protocol
Protocol Cipher: RSA_3DES_168_SHA1
Protocol Compression: None
Protocol State: Disconnected
Protocol: DTLS
Active Protocol
Protocol Cipher: RSA_3DES_168_SHA1
Protocol Compression: Deflate
Protocol State: Connected
Protocol: TLS
OS Version
Windows 8 : WinNT 6.2.9200
Log from the data transmission software:
24/12/2013 12:51:13 - Application version = 1.11.28.0
24/12/2013 12:51:13 - Lodgement Library Version = 1.11.28.0
24/12/2013 12:51:13 - Connection Method = INTERNET
24/12/2013 12:51:13 - DIS Connection Type = Automatic
24/12/2013 12:51:13 - VPN Client = ACTIVE
24/12/2013 12:51:13 - Check Available Connections = NOT ACTIVE
24/12/2013 12:51:13 - Windows 8 (6.2.9200 SP )
24/12/2013 12:51:13 - Language: English (Australia)
24/12/2013 12:51:13 -
24/12/2013 12:51:13 - Connected to ISP via LAN
24/12/2013 12:51:13 - Checking for presence of VPN client.
24/12/2013 12:51:13 - VPN client found. (C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpncli.exe)
24/12/2013 12:51:13 - The Cisco AnyConnect Secure Mobility Client application is in use.
24/12/2013 12:51:18 - Terminating Cisco AnyConnect Secure Mobility Client in progress ...
24/12/2013 12:51:18 -
24/12/2013 12:51:18 - Checking Cisco AnyConnect version.
24/12/2013 12:51:19 - Cisco AnyConnect Secure Mobility Client (version 3.1.04072) .
24/12/2013 12:51:19 - Copyright (c) 2004 - 2013 Cisco Systems, Inc. All Rights Reserved.
24/12/2013 12:51:19 - Config file directory:C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\
24/12/2013 12:51:19 -
24/12/2013 12:51:19 - Loading profile:C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile\ELS-IMelAde-TCP.xml
24/12/2013 12:51:19 -
24/12/2013 12:51:19 - Initializing the VPN connection.
24/12/2013 12:51:19 - Ready to connect.
24/12/2013 12:51:19 - Ready to connect.
24/12/2013 12:51:19 - Contacting ELS-IMelAde-TCP.
24/12/2013 12:51:23 - Authenticating user.
24/12/2013 12:51:23 - Connected to VPN concentrator.
24/12/2013 12:51:23 - Establishing VPN session...
24/12/2013 12:51:23 - Checking for profile updates...
24/12/2013 12:51:23 - Checking for product updates...
24/12/2013 12:51:23 - Checking for customization updates...
24/12/2013 12:51:23 - Performing any required updates...
24/12/2013 12:51:23 - Establishing VPN session...
24/12/2013 12:51:23 - Establishing VPN - Initiating connection...
24/12/2013 12:51:24 - Establishing VPN - Examining system...
24/12/2013 12:51:24 - Establishing VPN - Activating VPN adapter...
24/12/2013 12:51:24 - Establishing VPN - Configuring system...
24/12/2013 12:51:24 - Establishing VPN...
24/12/2013 12:51:24 - Connected to VPN concentrator.
24/12/2013 12:51:24 - Connected to ELS-IMelAde-TCP.
24/12/2013 12:51:24 - Connected to VPN concentrator.
24/12/2013 12:51:24 - Connection to VPN client return code = 0.
24/12/2013 12:51:24 - Connected to VPN concentrator.
24/12/2013 12:51:24 - Connecting : Connecting to 203.202.43.2.
24/12/2013 12:51:45 - Error in ConnectToDIS - Socket Error # 10060
Connection timed out.
24/12/2013 12:51:46 -
24/12/2013 12:51:46 - Disconnecting from the VPN concentrator.
24/12/2013 12:51:46 - Disconnect in progress, please wait...
24/12/2013 12:51:46 - Detaching AnyConnect, please wait...
24/12/2013 12:51:47 - Detached.
24/12/2013 12:51:47 - Disconnected from VPN concentrator.
24/12/2013 12:51:47 - *****************************************************
24/12/2013 12:51:47 - END OF LODGEMENT PROCESS
24/12/2013 12:51:47 - *****************************************************
Issue history:
- Previously running Cisco VPN client on Windows 8 64 bit laptop (VPN working and able to transmit data over VPN)
- Upgrade to Windows 8.1 stopped the VPN client working
- Refreshed system back to Windows 8 and reinstalled all software
- Cisco VPN client would not install on system
- Cisco AnyConnect Secure Mobility Client installs and is able to connect to VPN host
- Cisco AnyConnect Secure Mobility Client downloads and installs software from VPN host
- Data transmission software returns error code #10060
Any assistance would be greatly appreciated.anyone found the fix for this?
-
When trying to connect with Cisco AnyConnect Secure Mobility Client on Windows XP SP3 getting the following error:
Function: CTransportWinHttp::SendRequest
File: .\CTransportWinHttp.cpp
Line: 1170
Invoked Function: HttpSendRequest
Return Code: 806 (0x00000326)
Description: WINDOWS_ERROR_CODE
Function: CTransportWinHttp::SendRequest
File: .\CTransportWinHttp.cpp
Line: 1178
Invoked Function: CTransportWinHttp::handleRequestError
Return Code: -30015479 (0xFE360009)
Description: CTRANSPORT_ERROR_UNEXPECTED
and finally I get the following message:
Function: ConnectMgr::processIfcData
File: .\ConnectMgr.cpp
Line: 2763
Invoked Function: ConnectMgr::processIfcData
Return Code: -30015443 (0xFE36002D)
Description: CTRANSPORT_ERROR_CONN_UNKNOWN
Connection attempt failed. Please try again.
Any ideas, thanks,
Ashok.Hi Harry,
I only wish I were more up to speed on all of the security technology. I will contact the network administrator and pass your request to him. I will let you know the results (probably later today).
Here is a little background on this issue (optional reading). All clients worked fine up until around the end of September 2013. Then, a rash of Windows updates came along. Around Sept. 20th, I noticed I could no longer connect using the VPN. So, I uninstalled (Mobility Client) but was not able to re-install as the https://site was not longer able to be reached. I got the standard Microsoft 'Diagnose Connection Problems'. So I manually installed the 'Mobility Client' but only get errors. However, I'm only guessing at the 'AnyConnectProfile.xml'. I may have the settings all wrong. Don't know.
We also noticed that all of our Windows 7 clients work fine. None of the Windows XP clients work any longer. I figured it was 'time to upgrade' all of our Windows XP clients.
Regards,
Stan -
Connections drop when using Cisco Anyconnect Secure Mobility Client
Folks I have a strange issues. I have a few laptops that I'm testing using the Cisco AnyConnect Secure Mobility Client Network Access Manager. We like the interface and overall are happy, but have one nagging issue. Periodically the connection drops when using the client, and the only way to reconnect is to choose the Network repair option on the client. That fixes it just fine, but we shouldn't have to do this. The same clients using the built in WIndows supplicant do not have this problem. We are on version 3.0.07059.
Right now I'm testing on a single access point (autonomous) with WEP! The same laptop works fine without the Cisco client. Usually it is several hours, 12 or more when it happens, but I've seen it less than that. And I've seen it up for over a day and a half. At this point I just don't trust the client to roll out to a larger audience.
-
Issues reconnecting with cisco anyconnect secure mobility client when plugged in via ethernet
Hi,
I have a laptop running Windows 8 x64 with the Cisco AnyConnect Secure Mobility Client version 3.1.02040. Ethernet and Wireless enabled. by default, ethernet works primarily until the system detects that ethernet is down, i.e. undocked from docking station, it should switch to wireless.
Problem: When connected to vpn via ethernet card, it connects without any issues, but when i disconnect it takes a few seconds to disconnect, like 10+ seconds. I try to reconnect to vpn but it says something is wrong with the vpn client and to restart the OS. I restart and my system just takes forever to restart and eventually it will restart, but the OS will generate a MS crash dump.
If i undock my laptop and connect to vpn via my wireless card, everything works fine. i can disconnect from vpn and it does it in a few seconds, I can reconnect without any issues.
please advise...thanks.
dananyone found the fix for this?
-
Hello all,
My company has deployed AnyConnect Secure Mobility Client 3.1.04059 and we use Windows 7
The client works fine most of the time, but all of a sudden the connection drops. I can see both the Windows Network and Sharing Center and Cisco AnyConnect suddenly disconnected. This happens most of the times that I change to another location with a different wi-fi network. With my past Windows 2003 and AnyConnect versions (not sure which one that was), the VPN connection would be recovered shortly after re-connecting to the new wi-fi, but with this version it will never allow me to connect to the new wi-fi. Sometimes, if I use the troubleshoot manager from Windows, it will reset my network adapter and that will allow me to connect to the new wi-fi network. Most of the times it won't.
In those cases, I need to close all programs, log off and log back into Windows. Some other times that will not work either and I will need to restart the whole machine. Restarting the Anyconnect related services alone does not help.
I am worried because today I lost the connection all of a sudden in my own home, while any other device could easily connect to the wifi. Anyconnect will simply say that it is unable to connect. After many tests I had to reset the computer.
Am I the only one seeing this problem? Any advice anyone can give me?
Thanks in advance,
AntonioSo it seems that I was barking at the wrong tree :)
After a bit more research on-line, I found that changing the Power management options for the Wireless network adapter resolved the problem.
I went to Control Panel> Device Manager> right-click on Wireless Network Adapter> Properties > Power Management tab > Uncheck 'Allow the computer to turn off this device to save power'
So far so good. Hope this helps others.
Best,
Antonio -
Hiee,
I am using cisco anyconnect secure mobility client, version - 3.1.05170 , in my windows 8.1 PC to access vpn to my office desktop. But as soon as i connect cisco anyconnect client, my wifi networks becomes limited or unavailable. Thus, i am not able to get remote access to my office desktop. And not even able to access any other websites also. But as soon as i disconnect from the cisco anyconnect vpn client, every thing becomes normal, and the exclamation mark from the network icon also disappears.
kindly help me in this regard.
Thanks and regards
NeerajThere are a few things to consider here:
- The IPSec VPN client is EoL, so even if we consider this as a bug, it wouldn't be fixed
- fixing the file server access would break the DHCP renew which means there is no completely clean way to fix this, at least not at the IP level since the client can't route to the same destination using 2 different paths.
Is there any chance we could do a static policy NAT for the DHCP traffic so it appears to come from another IP? It's twisted and it may not work (the client might use the DHCP server IP embedded inside the payload and not the source IP) but if it does, then we'd fix the overlap.
Could the server use another IP address for the DHCP service (much like using a loopback for a certain service on a router?)
A third solution would be to NAT the destination server IP on the ASA for traffic from the IP pool going to the server. We'd need DNS doctoring as well to resolve the server's name to the NATted IP. This way the server would appear from the VPN client as being at a different IP, thereby fixing the overlap.
All these potential solutions are quite involved... you may be better off wityh a simpler design: splitting of your server into 2 or using something else to do DHCP for the VPN clients. -
AnyConnect Secure Mobility Client v3.1.04066 "The VPN client driver encountered an error"
Hello, I am a software engineer and have been trying to connect to my client's VPN using the AnyConnect Secure Mobility Client (version 3.1.04066) and keep receiving the error "The VPN client driver encountered an error. Please try again or restart your system."
I am on a Windows 7 system with an intel i7-2670QM cpu. My computer model is an HP Pavilion dv7.
I have tried uninstalling the software, re-installing it. I've tried restarting my system multiple times through the process. I've checked the registry and made sure the name was setup correctly. I have checked and made sure that the correct services are not enabled. I have also tried what was suggested on the support page and checked the integrity of catroot2 as well as renaming it and regenerating the folder. None of these have been able to fix my problem.
For information, this is the message history when I try to connect:
[12/8/2014 8:55:49 AM] Ready to connect.
[12/8/2014 9:27:19 AM] Contacting vpn.[hostaddressremoved].com.
[12/8/2014 9:27:22 AM] Please enter your username and password.
[12/8/2014 9:27:29 AM] User credentials entered.
[12/8/2014 9:27:30 AM] Please respond to banner.
[12/8/2014 9:27:31 AM] User accepted banner.
[12/8/2014 9:27:31 AM] Establishing VPN session...
[12/8/2014 9:27:32 AM] Checking for profile updates...
[12/8/2014 9:27:32 AM] Checking for product updates...
[12/8/2014 9:27:32 AM] Checking for customization updates...
[12/8/2014 9:27:32 AM] Performing any required updates...
[12/8/2014 9:27:32 AM] Establishing VPN session...
[12/8/2014 9:27:32 AM] Establishing VPN - Initiating connection...
[12/8/2014 9:27:33 AM] Establishing VPN - Examining system...
[12/8/2014 9:27:33 AM] Establishing VPN - Activating VPN adapter...
[12/8/2014 9:27:33 AM] Establishing VPN - Attempting to repair VPN adapter...
[12/8/2014 9:27:33 AM] Disconnect in progress, please wait...
[12/8/2014 9:28:22 AM] Connection attempt has failed.
[12/8/2014 9:28:24 AM] Ready to connect.
I have tried every kind of search I can think of to find any other solutions to try, and I cannot find anything else. Does anyone have any other recommendations of what to try in order to be able to connect to my client?
-TheJayDudeYes, I am sorry to say that several people have seen the same issue. It seems like the issue is specific to Yosemite and Anyconnect. My very technical staff and I have tried many things. The default route is missing and the file /var/run/resolv.conf is also missing which means that both the route and DNS server are messed up. We re-added the default route manually which allows us to ping the servers and even access them via the IP address
Run the command below before starting the VPN to get the default route
netstat -nr | grep default
Then run the following to re-add the default route.
route add default xxx.xxx.xxx.xxx
BUT there is no way that I can find to fix the DNS entry.
We tried re-adding the DNS entries in the /var/run/resolv.conf and then restarting the DNS service
$ sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.discoveryd.plist
Password:
$ sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.discoveryd.plist
BUT THIS DOES NOT WORK!
If anyone can help us solve the DNS issue, at least we have a work-around for our technical people until Cisco and/or Apple can resolve it.
Here is a link to the same issue at Cisco.
https://supportforums.cisco.com/discussion/12334071/cisco-anyconnect-secure-mobi lity-client-os-x-yosemite-vpn-not-working-if-mac -
CTRANSPORT_ERROR_TIMEOUT with Cisco AnyConnect Secure Mobility Client 3.1.05170
Hi,
I use Cisco AnyConnect Secure Mobility Client 3.1.05170 to connect to my company network and it has been working successfully for a while and until Sunday evening Feb 8.
Today, this solution is no longer working and I've reproduced the same issue on 3 different Mac's which have 10.10.2 (on 2 Mac's) and 10.9.5 (on 1 Mac).
I can navigate on internet without any problem but when I launch the connection in Cisco AnyConnect Secure Mobility Client, it time outs and I get the following errors:
Feb 10 10:37:31 nicolass-macbook-pro-2-2.home acvpnui[7926]: Message type information sent to the user: Contacting <company server name removed for security reasons>.
Feb 10 10:37:31 nicolass-macbook-pro-2-2.home acvpnui[7926]: Initiating VPN connection to the secure gateway https://<company server name removed for security reasons>
Feb 10 10:37:31 nicolass-macbook-pro-2-2.home acvpnagent[2013]: Function: processConnectNotification File: ../../vpn/Agent/MainThread.cpp Line: 11572 Received connect notification (host <company server name removed for security reasons>, profile myaccess1.xml)
Feb 10 10:37:31 nicolass-macbook-pro-2-2.home acvpnagent[2013]: Function: resolveHostName File: ../../vpn/Common/Utility/HostLocator.cpp Line: 718 Invoked Function: CHostLocator::resolveHostNameAlt Return Code: -29294571 (0xFE410015) Description: DNSREQUEST_ERROR_EMPTY_RESPONSE
Feb 10 10:37:32 nicolass-macbook-pro-2-2.home acvpnagent[2013]: Function: getHostIPAddrByName File: ../../vpn/Common/IPC/SocketSupport.cpp Line: 322 Invoked Function: ::getaddrinfo Return Code: 35 (0x00000023) Description: unknown
Feb 10 10:37:32 nicolass-macbook-pro-2-2.home acvpnagent[2013]: Function: resolveHostName File: ../../vpn/Common/Utility/HostLocator.cpp Line: 730 Invoked Function: CSocketSupport::getHostIPAddrByName Return Code: -31195124 (0xFE24000C) Description: SOCKETSUPPORT_ERROR_GETADDRINFO
Feb 10 10:37:32 nicolass-macbook-pro-2-2.home acvpnagent[2013]: Function: ResolveHostname File: ../../vpn/Common/Utility/HostLocator.cpp Line: 839 Invoked Function: CHostLocator::resolveHostName Return Code: -31195124 (0xFE24000C) Description: SOCKETSUPPORT_ERROR_GETADDRINFO failed to resolve host name <company server name removed for security reasons> to IPv6 address
Feb 10 10:37:32 nicolass-macbook-pro-2-2.home acvpnagent[2013]: Function: logResolutionResult File: ../../vpn/Common/Utility/HostLocator.cpp Line: 913 Host <company server name removed for security reasons> has been resolved to IP address 144.24.19.20
Feb 10 10:37:32 nicolass-macbook-pro-2-2.home acvpnagent[2013]: Writing to hosts file: 144.24.19.20 <company server name removed for security reasons> ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
Feb 10 10:37:32 nicolass-macbook-pro-2-2.home acvpnagent[2013]: Function: respondToConnectNotification File: ../../vpn/Agent/MainThread.cpp Line: 4893 The requested VPN connection to <company server name removed for security reasons> will target the following IP protocols and addresses: primary - IPv4 (address 144.24.19.20), secondary - N/A.
Feb 10 10:37:32 nicolass-macbook-pro-2-2.home acvpnui[7926]: Function: getUserName File: ../../vpn/Api/CTransportCurlStatic.cpp Line: 1939 PasswordEntry username is nwipfli
Feb 10 10:38:32 nicolass-macbook-pro-2-2.home acvpnui[7926]: Function: PeerCertVerifyCB File: ../../vpn/Api/CTransportCurlStatic.cpp Line: 857 Return success from VerifyServerCertificate
Feb 10 10:38:32 nicolass-macbook-pro-2-2.home acvpnui[7926]: Function: SendRequest File: ../../vpn/Api/CTransportCurlStatic.cpp Line: 1422 Invoked Function: curl_easy_perform Return Code: -30015442 (0xFE36002E) Description: CTRANSPORT_ERROR_TIMEOUT 28 : Error
Feb 10 10:38:32 nicolass-macbook-pro-2-2.home acvpnui[7926]: Function: sendRequest File: ../../vpn/Api/ConnectIfc.cpp Line: 3191 Invoked Function: CTransport::SendRequest Return Code: -30015442 (0xFE36002E) Description: CTRANSPORT_ERROR_TIMEOUT
Feb 10 10:38:32 nicolass-macbook-pro-2-2.home acvpnui[7926]: Function: connect File: ../../vpn/Api/ConnectIfc.cpp Line: 481 Invoked Function: ConnectIfc::sendRequest Return Code: -30015442 (0xFE36002E) Description: CTRANSPORT_ERROR_TIMEOUT
Feb 10 10:38:32 nicolass-macbook-pro-2-2.home acvpnui[7926]: Function: TranslateStatusCode File: ../../vpn/Api/ConnectIfc.cpp Line: 3008 Invoked Function: TranslateStatusCode Return Code: -30015442 (0xFE36002E) Description: CTRANSPORT_ERROR_TIMEOUT Connection attempt has timed out. Please verify Internet connectivity.
Feb 10 10:38:32 nicolass-macbook-pro-2-2.home acvpnui[7926]: Function: doConnectIfcConnect File: ../../vpn/Api/ConnectMgr.cpp Line: 1963 Invoked Function: ConnectIfc::connect Return Code: -30015442 (0xFE36002E) Description: CTRANSPORT_ERROR_TIMEOUT
Feb 10 10:38:32 nicolass-macbook-pro-2-2.home acvpnui[7926]: Message type warning sent to the user: Connection attempt has failed.
Feb 10 10:38:32 nicolass-macbook-pro-2-2.home acvpnui[7926]: Function: processIfcData File: ../../vpn/Api/ConnectMgr.cpp Line: 2614 Content type (unknown) received. Response type (host unreachable) from <company server name removed for security reasons>:
Feb 10 10:38:32 nicolass-macbook-pro-2-2.home acvpnui[7926]: Message type warning sent to the user: Unable to contact <company server name removed for security reasons>.
Feb 10 10:38:32 nicolass-macbook-pro-2-2.home acvpnui[7926]: Function: processIfcData File: ../../vpn/Api/ConnectMgr.cpp Line: 2724 Unable to contact <company server name removed for security reasons>
Feb 10 10:38:32 nicolass-macbook-pro-2-2.home acvpnui[7926]: Message type error sent to the user: Connection attempt has timed out. Please verify Internet connectivity.
Feb 10 10:38:32 nicolass-macbook-pro-2-2.home acvpnui[7926]: Function: connect File: ../../vpn/Api/ConnectMgr.cpp Line: 2050 ConnectMgr::processIfcData failed
Feb 10 10:38:32 nicolass-macbook-pro-2-2.home acvpnui[7926]: Function: initiateConnect File: ../../vpn/Api/ConnectMgr.cpp Line: 1181 Connection failed.
Any idea about a solution ?
Thanks in advance
NicolasThere seem to be much more problems with 3.1.04049
Especially with certificate authentication.
I opened some TAC cases.
Try 3.1.04063 that came out at 07-24-13.
TAC said that there are some fixes in it... -
Configuration File goes bad in Cisco AnyConnect Secure Mobility Client.
Hi everyone
We are running a Cisco ISE Version: 1.3.0.876 Patch 1 for 802.1X deployment (Wired + Wireless) with posture assessment where the supplicant for the endpoint is Cisco Anyconnect Secure Mobility Client v4.0.00061.
Symptoms:
The Configuration is working fine both Wired and Wireless, but the issue is that some user suddenly start to have issue connecting Wireless with the Cisco Anyconnect dislpaying System Scan: Bypassing Anconnect Scan
(Some info are masked)
and When I digged into this found that the configuration.xml files in the path: C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Network Access Manager\newConfigFiles is renamed automatically into configuration_bad.xml.
Workaround:
Copy and paste a normal configuration.xml into the same path again.
Restart the Cisco anyconnect services or restart the Endpoint.
Question:
So was wondering if anybody has a clue why this configutatyion.xml turned into bad??
I'm goin to dig into the Event Viewer for logs about this before going to Cisco TACfirst poster -
"Downloads from random internet sites are 5-10 times faster than anything from a server on the VPN."
Your corporate network may just have too little bandwidth, your taking a poor internet route between carriers (ISP's are often maxed out believe it or not), there is a speed an duplex problem or you have a bad MTU. test all of them. your pc's MTU should be 1300. MAX on all interfaces. use the setmtu.exe tool.
Jcohen - if you disable the IPS on the ASA does the slow transfer problem go away? -
Anyconnect Secure Mobility Client on UC540
Hi everybody,
does anyone know if it´s possible to establish a connection with a
Anyconnect Secure Mobility Client directly to an UC 540?
I tried using a normal Cisco VPN Client from a Windows Desktop which works fine.
Now I´m trying to connect a Cius and a Samsung Smartphone with ASMC but this doesn´t work right now.
Is there another client available instead of ASMC?
Thanks in advance.
StefanYes, I am sorry to say that several people have seen the same issue. It seems like the issue is specific to Yosemite and Anyconnect. My very technical staff and I have tried many things. The default route is missing and the file /var/run/resolv.conf is also missing which means that both the route and DNS server are messed up. We re-added the default route manually which allows us to ping the servers and even access them via the IP address
Run the command below before starting the VPN to get the default route
netstat -nr | grep default
Then run the following to re-add the default route.
route add default xxx.xxx.xxx.xxx
BUT there is no way that I can find to fix the DNS entry.
We tried re-adding the DNS entries in the /var/run/resolv.conf and then restarting the DNS service
$ sudo launchctl unload -w /System/Library/LaunchDaemons/com.apple.discoveryd.plist
Password:
$ sudo launchctl load -w /System/Library/LaunchDaemons/com.apple.discoveryd.plist
BUT THIS DOES NOT WORK!
If anyone can help us solve the DNS issue, at least we have a work-around for our technical people until Cisco and/or Apple can resolve it.
Here is a link to the same issue at Cisco.
https://supportforums.cisco.com/discussion/12334071/cisco-anyconnect-secure-mobi lity-client-os-x-yosemite-vpn-not-working-if-mac
Maybe you are looking for
-
JavaFX Studio 1.0.2 plug-in for Eclipse released
JavaFX Studio 1.0.2 plug-in for Eclipse released (free) Release info: [http://mkblog.exadel.com/tools/exadel-javafx-studio-plug-in-for-eclipse-102-released/] Download: [http://exadel.com/web/portal/javafxstudio]
-
My computer sees the auto duplexer on my Epson Stylus PX720WD but iworks says it is not installed. I have contacted Epson and I have the impression that they don't know how to solve this problem. Anyone got any ideas?
-
I recently purchased an iPad camera connection kit hoping to directly download pictures from my camera to my iPad. When I put my memory card into the adapter and plug it in to my iPad nothing happens. My camera is a Sony Cybershot and the memory car
-
Having challenges configuring the yahoo outgoing mail server on the new iPad. Anyone experiencing this issue? It's working in my home but not at work??
-
What is a unexpected error 2210, and how do I solve it.
Frankly.... I hate this router. After having duplicate DNS names, and other assorted issues, I decided to reset to factory. Great idea Chadster..... now what? After entering about 50 names, ip addresses, and MAC addresess... I click save, and get a