Odd cisco anyconnect not working

Similar Messages

• Cisco anyconnect not working with mavericks

  Does anybody know how to resolve this problem. I did a clean install of Mavericks didnt help.

  What version of AnyConnect are you using? Note the following quote from: http://software.cisco.com/download/release.html?mdfid=283000185&softwareid=28236 4313&release=3.1.04072
  The current download for Mac OS X is version 3.1.04074, all other platforms are version 3.1.04072. AnyConnect 3.1.04074 is required for OS X 10.9, all other Mac platforms may use either version 3.1.04074 or 3.1.04072.

• CISCO Box not working with Infrared Remove Control Repeater

  There was an Infrared Remote Control Repeater set-up in my newly purchased house.  It works for my LG DVD player, but does not work with my CISCO CHS435HDB box.  Are there any work around for this?  Should I change to a different box?

  If you are using a repeater, make sure the piece that is relaying the IR signal is pointing directly the font of the Cisco box and nothing is plugged into the IR input port in the back of the box.
  Anthony_VZ
  **If someones post has helped you, please acknowledge their assistance by clicking the red thumbs up button to give them Kudos. If you are the original poster and any response gave you your answer, please mark the post that had the answer as the solution**
  Notice: Content posted by Verizon employees is meant to be informational and does not supersede or change the Verizon Forums User Guidelines or Terms or Service, or your Customer Agreement Terms and Conditions or plan

• WakeOnLan (WOL ) through Cisco 870 not working

  Hi,
  I need to allow WOL packets through a Cisco 870W router. Its running IOS version 12.4(9)T
  The WOL magic packet will be coming from VLAN1 (192.168.2.0/24)  and going to FastEthernet4 (192.168.6.0/24).
  The WOL application sends UDP packets on port 9
  Here are the relevant running-config sections
  interface Vlan1
  ip address 192.168.2.30 255.255.255.0
  no ip redirects
  no ip unreachables
  ip directed-broadcast
  no ip proxy-arp
  ip route-cache flow
  ip tcp adjust-mss 1452
  interface FastEthernet4
  ip address 192.168.6.1 255.255.255.0
  ip helper-address 192.168.2.1
  ip helper-address 192.168.2.10
  no ip redirects
  no ip unreachables
  ip directed-broadcast
  no ip proxy-arp
  ip route-cache flow
  duplex auto
  speed auto
  no cdp enable
  I've also found documents recommending I add
  ip forward-protocol udp 9
  which I've added and still nothing. Can anyone tell me why this is not working?
  Thank you.
  Vic.

  Hi Vic,
  The Small Business Support Community is limited to Cisco Small Business Products.
  Your question below relates to a Cisco Classic Product for small offices which our community would not be able to help you with.
  The best area for you to post your question would be at the Cisco NetPro forums: http://forums.cisco.com/eforum/servlet/NetProf?page=main
  Best regards,
  Cindy
  Cindy Toy
  Small Business Community Manager
  Customer Advocacy
  Cisco Systems, Inc.

• Anyconnect not working for Mac OS X users

  I have AnyConnect newly configured on my ASA 5550, running 8.2.x code; however, Mac users cannot connect using the Apple client, nor using the Cisco AnyConnect client - they are getting a "posture error" of some kind or the laptop is failing some kind of machine profiling.
  Help - I have no Apple OS experience on this.
  Thanks,
  Marc

  Thanks for your reply;
  Here are the relevant parts of the ASA config:
  crypto ipsec transform-set fdoe3desset esp-3des esp-md5-hmac
  crypto ipsec transform-set doe-sha esp-3des esp-sha-hmac
  crypto ipsec transform-set des-sha esp-des esp-sha-hmac
  crypto ipsec transform-set remoteset esp-des esp-md5-hmac
  crypto ipsec security-association lifetime seconds 28800
  crypto ipsec security-association lifetime kilobytes 4608000
  crypto dynamic-map fdoedynmap 65530 set transform-set remoteset
  crypto dynamic-map fdoedynmap 65530 set security-association lifetime seconds 7200
  crypto map remotemap 65535 ipsec-isakmp dynamic fdoedynmap
  crypto map remotemap interface outside
  crypto ca trustpoint ASDM_TrustPoint0
  enrollment terminal
  subject-name ------------------
  keypair doesslkey
  crl configure
  crypto ca trustpoint ASDM_TrustPoint1
  enrollment terminal
  subject-name --------------------
  crl configure
  crypto isakmp identity address
  crypto isakmp enable outside
  crypto isakmp policy 20
  authentication pre-share
  encryption des
  hash md5
  group 2
  lifetime 3600
  ** snip **
  crypto isakmp policy 70
  authentication pre-share
  encryption 3des
  hash md5
  group 1
  lifetime 28800
  crypto isakmp policy 65535
  authentication pre-share
  encryption 3des
  hash sha
  group 2
  lifetime 86400
  webvpn
  enable outside
  csd image disk0:/csd_3.6.6203-k9.pkg
  csd enable
  svc image disk0:/anyconnect-win-3.0.10055-k9.pkg 1
  svc image disk0:/anyconnect-macosx-i386-3.1.00495-k9.pkg 2
  svc image disk0:/anyconnect-linux-3.0.10055-k9.pkg 3
  svc enable
  group-policy fdoe_vpn internal
  group-policy fdoe_vpn attributes
  wins-server value xx.xx.xx.xx
  dns-server value yy.yy.yy.yy
  vpn-idle-timeout 240
  vpn-session-timeout 720
  vpn-tunnel-protocol IPSec svc
  split-tunnel-policy tunnelspecified
  split-tunnel-network-list value split
  default-domain value fldoe.int
  The user has an AnyConnect client installed on his Apple laptop; I wasn't aware that there was a component that needed to be installed in the ASA for AnyConnect clients to work. Am I confusing AnyConnect with another web SSL VPN application for the ASA 5550?

• Interconnection between HP and Cisco is not working

  Dear all,
  I support some old colleagues by connecting a Cisco 2960x with an HP Switch. Both sides are UP/UP, stp is fine, channel also. The Cisco switch is also fine. But not data traffic is working.
  I see that we are sending but not receicing any packet. the same on the other side. We checked the cabeling use different fibers, etc. everything is fine. when we connect a copper port, its also fine. Online on the LWL side we have this problem. But interface and line protocol is UP.
  Is there any command I may not know to check the LWL. UDLD is not working because we have just on cisco on one end. test tdr works only on copper. I guess there is something wrong with the compatibility between the both Gbics, but i can't exaclty say what it is. We use monomode and LX Gbic. 
  On another Core Switch HP/Cisco is working finde with SX.
  I don't have live access, so sorry for any delay in my answer.
  regards,
  Sebastian

  Hi cbafiero,
  It seems that the problem lies in your router. I'm not sure exactly what the issue is (I've just now discovered it myself), but after switching from a Linksys WRT54GX2 to a thrift store Netgear, my shared libraries appeared instantly. My gut is telling me that the Linksys routers are blocking the multicast traffic, which is stupid on Linksys's part, to filter traffic internally. I'll look more into the Netgear and see what it has that the Linksys doesn't (or vice versa).

• License Key from Cisco is NOT Working.

  Hello All,
  Device: Cisco Wireless Controller 2504 (AIR-CT2504-K9)
  We had purchased an Access Point Upgrade License for our Wireless Controller and when I try to upload the key to the WLC, I get a message that there were no valid Licenses found. We purchased the License from our 3rd party Cisco provider and our Rep had sent me 2 PAK numbers the other day for the Licenses. So I went on Cisco's site and entered the PAK Numbers (*there were 2 PAK Numbers) and after I entered both of those the SKUs that came up were: L-LIC-CT2504-UPG and L-LIC-CT2504-1A.
  So I chose to download the License files and when I did I received a ZIP file containing one html file with instructions and one .lic file containing the License.
  Here is what I see when I try:
          (Cisco Controller) > license install tftp://192.168.x.xxx/Cisco_WLC2504_Licenses/license_file_name.lic
          Transfering licenses from tftp://192.168.x.xxx/Cisco_WLC2504_Licenses/license_file_name.lic
          License installation: No valid license found to be installed
  Anyone know why I would be receiving this error? I tried uploading to the WLC from both the Web Interface and the CLI with the same result.
  I also tried having them email me the .lic file instead but I get the same thing when I try to upload it. 
  Any ideas?
  Thanks,
  Matt

  Hey Vinod, thanks for the reply!
  We had received an Access Point from our Cisco VAR partner and also ordered the License so we could add a 6th AP to the WLC. When we received the AP in the Mail the License was not with it so we emailed our acct rep and asked him for it, which is when they had me run the "show udi" command in order to give them the Serial Number so they could get me the PAK number. Which is I assume what you were talking about with the UDI (Unique Device Identifier)?
  The License file itself contains the correct serial number, which is why I'm confused as to why it's not working. We don't have a SmartNet for this device so one of our Techs through our Cisco Var partner is contacting their Cisco Account Rep to find out what's going on. I guess I'll just wait till I hear back from them, and we'll see what they say. I even tried doing the Get Existing option on Cisco.com for the Product License Registration section of the site, which also did not work.
  The strange thing is, when I did the Get Existing option and I downloaded the License file again, the Filename was different then it was the first time around... Not sure if this is normal or not, but I just thought that was strange.
  Thanks Again for the reply Vinod..!
  Thanks,
  Matt

• Anyconnect 3.1 on OSX 10.8.X , Cisco Jabber not working.

  Hi all
  I am having this not so much fun problem, you see when I am connected to my Local lan ( Inside network ) I can connect fine with my Cisco Jabber 8.6.2 and do my calls and such , then I open a vpn ( pretty much anywhere ) to another client, and Jabber Disconnects.
  Even though the Ip networks are not conflicting , and I can still talk 443 TCP and 80 TCP towards the presence server plus ping to my localnetwork.
  I cannot see anything in the logs that points out the problem.
  Any clues on what this could be ?
  Hafthor
  CCIE Voice #24527

  You don't have to look at Adobe's log, it's an objective C programming issue.
  Adobe didn't update their code.
  Open Mac OS console application and look for installation error, you will find something similar meaning the code is deprecated for Mac OS 10.8:
  11/7/13 5:03:55.758 PM Locum[74925]: Connection with distnoted server was invalidated
  11/7/13 5:10:32.433 PM Installer[78488]: *** WARNING: -[NSImage compositeToPoint:operation:] is deprecated in MacOSX 10.8 and later. Please use -[NSImage drawAtPoint:fromRect:operation:fraction:] instead.
  11/7/13 5:10:32.433 PM Installer[78488]: *** WARNING: -[NSImage compositeToPoint:fromRect:operation:] is deprecated in MacOSX 10.8 and later. Please use -[NSImage drawAtPoint:fromRect:operation:fraction:] instead.
  11/7/13 5:10:32.445 PM Installer[78488]: *** WARNING: -[NSImage compositeToPoint:operation:fraction:] is deprecated in MacOSX 10.8 and later. Please use -[NSImage drawAtPoint:fromRect:operation:fraction:] instead.
  11/7/13 5:10:32.445 PM Installer[78488]: *** WARNING: -[NSImage compositeToPoint:fromRect:operation:fraction:] is deprecated in MacOSX 10.8 and later. Please use -[NSImage drawAtPoint:fromRect:operation:fraction:] instead.
  11/7/13 5:11:14.879 PM Installer[78488]: The Installer encountered an error that caused the installation to fail. Contact the software manufacturer for assistance.

• Cisco 877 - not working with apple devices

  Hello all,
  I'm hoping someone can help me with a problem I have with my 877 adsl router.
  A bit of background:
  I have set this up as my home router to the internet,  which is connected to a Linksys WRT54GL as a wireless access point.
  My windows & Linux devices/laptops all work fine over this setup and connect without a problem
  However, all my apple devices, phones and ipads don't fully work. I can get to google and a handful of pages,  but not the store or games or facebook etc. (my daughter thinks its the end of the world - without FB and instagram)
  If I take out the Cisco and put a Thompson router in, it all works fine. so I'm assuming it something with the Cisco config.
  Below is the config I'm using on the router
  Any pointers would be most appreciated.
  ddhrouter#sh run
  Building configuration...
  Current configuration : 2292 bytes
  version 12.4
  no service pad
  service timestamps debug datetime msec
  service timestamps log datetime msec
  no service password-encryption
  hostname ddhrouter
  boot-start-marker
  boot-end-marker
  enable secret 5 mysecret
  no aaa new-model
  dot11 syslog
  ip cef
  no ip dhcp use vrf connected
  ip dhcp excluded-address 192.168.1.1
  ip dhcp pool CISCODHCP
     network 192.168.1.0 255.255.255.0
     dns-server 212.50.160.100 213.249.130.100 8.8.8.8
     default-router 192.168.1.1
  ip name-server 212.50.160.100
  ip name-server 213.249.130.100
  ip name-server 8.8.8.8
  username cisco privilege 15 password 0 mysecret
  archive
   log config
    hidekeys
  interface ATM0
   description ** adsl interface **
   mtu 1452
   no ip address
   load-interval 30
   no atm ilmi-keepalive
   pvc 1/50
    ubr 288
    encapsulation aal5mux ppp dialer
    dialer pool-member 1
   dsl operating-mode auto
   hold-queue 224 in
  interface FastEthernet0
  interface FastEthernet1
  interface FastEthernet2
  interface FastEthernet3
  interface Vlan1
   description ** local lan **
   ip address 192.168.1.1 255.255.255.0
   ip nat inside
   ip virtual-reassembly
   hold-queue 100 out
  interface Dialer0
   no ip address
  interface Dialer10
   description ** adsl dialer interface **
   ip address negotiated
   ip mtu 1482
   ip nat outside
   ip virtual-reassembly
   encapsulation ppp
   dialer pool 1
   ppp chap hostname myusername
   ppp chap password 0 mypassword
  ip forward-protocol nd
  ip route 0.0.0.0 0.0.0.0 Dialer10
  no ip http server
  no ip http secure-server
  ip http max-connections 4
  ip http timeout-policy idle 600 life 86400 requests 10000
  ip nat inside source list 1 interface Dialer10 overload
  ip access-list extended TerminalAccess
   permit tcp host 192.168.1.0 any eq telnet
   permit tcp any any eq 22
   deny   tcp any any
  ip access-list extended no_telnet
   deny   tcp any any eq telnet
  access-list 1 remark INSIDE_IF=Ethernet0
  access-list 1 remark SDM_ACL Category=2
  access-list 1 permit 192.0.0.0 0.255.255.255
  access-list 110 permit icmp any any echo
  access-list 110 permit icmp any any echo-reply
  dialer-list 1 protocol ip permit
  control-plane
  line con 0
   password password
   no modem enable
  line aux 0
  line vty 0 4
   access-class TerminalAccess in
   password password
   login
  scheduler max-task-time 5000
  end
  ddhrouter#
  all I'm after is a standard setup for my router. allow any out - deny any in.
  Many thanks in advance.
  Dave

  ooo, you left your username, password, and enable in in clear text in the config you pasted, as well as not having an outside ACL applied and the VTY ACL allowing ssh from anywhere.  Luckily the outside IP address isn't in the config or I'm sure someone would get ahold of your router....:)  You should apply an outside access list and a firewall (I prefer CBAC firewall config for ease of use, but there is Zone based) to fix this.  I assume ACL 110 was meant to be your outside ACL but it just isn't applied.
  That being said Jody is likely right.  PPPoE requires you to shrink your packet size (MTU/MSS) to allow room for the encapsulation that gets added to the packet.  The command he supplied should fix this. 
  The 'ip mtu 1482' on the dialer interface may be too large as well.

• Cisco VPN not working with Lion OSX 10.7

  Cisco VPN Client Application did not launch after upgrading to Lion OSX v10.7. 
  I read https://discussions.apple.com/thread/3192535 that suggested rebooting in with a 32bit kernal.
  Hold down the '3' and the '2' keys while rebooting to reboot in 32bit mode.
  I did this and now my existing Cisco VPN works fine.

  Check this out to solve the Cisco ASA connection from OSX 10.7 Lion from rcarrito originally posted under this link:
  https://supportforums.cisco.com/thread/2095921
  Nov 8, 2011 12:19 PM (in response to dylan.scholz)
  Cisco VPN Client & OSX Lion
  I have been successfully using the built in Mac OS X IPSec client on Lion 10.7.2 for a couple months now. I have no need for the Cisco IPSec client anymore and to boot into stupid 32-bit mode .
  Not sure if the issues you guys are having but I followed this guide and it works perfectly. Most of my customers I only have a .pcf file for, which of course, I cannot use to figure out the groupname and password....until now...
  http://anders.com/guides/native-cisco-vpn-on-mac-os-x/
  I don't know if this will help with SonicWall but my problem for the ASA is solved.

• Brocade DCX Fiberchannel trunk via Cisco ONS not working

  We have a SAN environment over 2 locations. On each location they placed a Brocade DCX 8510 SAN switch. The Inter site link is provided via CISCO ONS.
  We use at both sites a MXP_MR_10DME card with two interfaces. We created two circuits and configured the ports at FC4G.
  So when we connect the brocade switches directly to the ONS it works perfect.  We then  have 2 4GB fiberchannel connections.
  However we would like to trunk these connection to a 2x 4GB channel.
  On the Brocade switches we configured both interfaces connected to the ONS as Trunk.
  Both switches see each other but no traffic will run over this trunk. When we disable one port of the Brocade in this trunk then traffic starts to flow.
  Questions:
  Is it possible to create a trunk between the brocades via ONS?. ( we know that it will work with a direct fiber connection).
  I know you can do trunking by using other cards but is this possible with the 1-DMEX-C cards.
  So is the ONS aware of a trunk. I suppose that the ONS should be transparent.
  If anybody has done did before, do we need to configure something specific on the ONS or Brocade switches..?
  THX.

  Nevermind...
  I have been given the wrong SFP modules.

• Cisco 3650 not working with Cisco 8831 Conference IP phone

  hi all,
  i'm not a fan of 3650 switch as it's giving me problems.
  the 3650 can CDP and HTTP to 8831 but CUCM says "not registered."
  the 8831 works fine with 3560 and can register to our CUCM.
  just want to know if 3650 supports 8831?
  can't seem to see any docu or links.

  I have the same issue, changed the 3650 IOS-XE to many versions with no luck.

• Using usb as serial connecting to cisco router not working

  Tried using ZOC and securecrt and both shows only /dev/tty-Bluetooth.....
  any ideas how can I use USB as serial connection to router?

  Hi and welcome to the forums!
  GREAT FIRST POST!! Very clear and specific. You don't know how rare that is
  Is the laptop in a docking bay?
  Content "encryption" meaning Content protection is turned off, right?
  Are you able to backup and sync with the Desktop software?
  Do you have the correct folders on the card?
  Blackberry, music, ringtones, pictures, videos, voice notes?
  (blackberry has to be first).
  Last one, how did you format the card?
  Thanks
  Update device drivers manually:
  http://www.blackberry.com/btsc/search.do?cmd=displ​ayKC&docType=kc&externalId=KB13336&sliceId=SAL_Pub​...
  Message Edited by Bifocals on 11-19-2008 08:36 PM
  Click Accept as Solution for posts that have solved your issue(s)!
  Be sure to click Like! for those who have helped you.
  Install BlackBerry Protect it's a free application designed to help find your lost BlackBerry smartphone, and keep the information on it secure.

• Cisco AP1140 not working correctly

  Hi All,
  I recently aquired a 2nd AP1140, however when i configure it for WPA 2 it works inconsistent, a ping for example will work only for 33% of the time.
  The same client has no issues with my 1st AP using WPA2, with the 2nd AP WEP works without a glitch.
  Is there any tips what to try or debug to find out where the issue lies ?

  Hi Steve the ethernet-port is full duplex, as mentioned when using wep it works fine..
  Just did a test using the 2nd ap as a repeater, same issue when using wpa2

• [T400] Cisco VPN client not working over wireless adapter (but works on cabled connection)

  I have a very strange problem. 
  I need to connect to my work via the cisco vpn client (version 5.0.00.0340). 
  My previous laptop (T43 , windows XP) worked well through both wired / wireless connections.  My desktop machine (vista) works via wired connection (it has no wireless connection). 
  On my new T400, the VPN client works via a wired connection but not via the wireless adapter.  
  On the wireless apapter, the vpn seems to connect OK, but when I try to access resources via the VPN there is little response.
  I get this in the vpn log...
  405   08:56:57.073  04/16/09  Sev=Warning/2 IPSEC/0xE3700003
  Function CniInjectSend() failed with an error code of 0xa4510009 (IPSecDrvCB:846)
   I've tried disabling the firewall (in both the T400 and the router), removed access connections, and disabling tcp v6. I've rebooted everything too. 
  But, nothing seems to work.   I suspect the problem is on the t400 somewhere, because the old laptop used to work OK via wireless.
  I've seen some google links on cisco vpn not working via  wireless but nothing seems to apply to my exact situation yet. 
  Anyone else had this problem or know of a fix? Thanks in advance. 
  Solved!
  Go to Solution.

  all good now, got it working. 
  The Deterministic network thing was not installed on the wireless adapter for some reason.
  So, I installed the latest wireless driver, reinstalled the vpn and all is good now.