Anyconnect fails with SVC message 16

Unanswered Question
Apr 10th, 2010

I have tried to configure Anyconnect for SSL access on my ASA.


I can connect to the ASA, download the software, but each time I try to connect it fails. I see the client trying to connect but it says it cannot establish a connection!


I attach my config file. Any ideas what I should do?


The debug is as follows:-

10-04-10 21:23:01    Local4.Info    200.0.0.100    %ASA-6-716001: Group <VPNUsers> User <Mark> IP <80.177.219.168> WebVPN session started.

2010-04-10 21:23:01    Local4.Info    200.0.0.100    %ASA-6-716038: Group <VPNUsers> User <Mark> IP <80.177.219.168> Authentication: successful, Session Type: WebVPN.

2010-04-10 21:23:01    Local4.Info    200.0.0.100    %ASA-6-302013: Built inbound TCP connection 1184 for outside:80.177.219.168/4940 (80.177.219.168/4940) to identity:217.37.175.6/443 (217.37.175.6/443)

2010-04-10 21:23:01    Local4.Info    200.0.0.100    %ASA-6-725001: Starting SSL handshake with client outside:80.177.219.168/4940 for TLSv1 session.

2010-04-10 21:23:01    Local4.Info    200.0.0.100    %ASA-6-725003: SSL client outside:80.177.219.168/4940 request to resume previous session.

2010-04-10 21:23:01    Local4.Info    200.0.0.100    %ASA-6-725002: Device completed SSL handshake with client outside:80.177.219.168/4940

2010-04-10 21:23:01    Local4.Info    200.0.0.100    %ASA-6-725007: SSL session with client outside:80.177.219.168/4940 terminated.

2010-04-10 21:23:01    Local4.Info    200.0.0.100    %ASA-6-302014: Teardown TCP connection 1184 for outside:80.177.219.168/4940 to identity:217.37.175.6/443 duration 0:00:00 bytes 126 TCP Reset-I

2010-04-10 21:23:01    Local4.Info    200.0.0.100    %ASA-6-302013: Built inbound TCP connection 1185 for outside:80.177.219.168/4943 (80.177.219.168/4943) to identity:217.37.175.6/443 (217.37.175.6/443)

2010-04-10 21:23:01    Local4.Info    200.0.0.100    %ASA-6-725001: Starting SSL handshake with client outside:80.177.219.168/4943 for TLSv1 session.

2010-04-10 21:23:01    Local4.Info    200.0.0.100    %ASA-6-725003: SSL client outside:80.177.219.168/4943 request to resume previous session.

2010-04-10 21:23:01    Local4.Info    200.0.0.100    %ASA-6-725002: Device completed SSL handshake with client outside:80.177.219.168/4943

2010-04-10 21:23:02    Local4.Info    200.0.0.100    %ASA-6-302013: Built inbound TCP connection 1186 for outside:80.177.219.168/4946 (80.177.219.168/4946) to identity:217.37.175.6/443 (217.37.175.6/443)

2010-04-10 21:23:02    Local4.Info    200.0.0.100    %ASA-6-725001: Starting SSL handshake with client outside:80.177.219.168/4946 for TLSv1 session.

2010-04-10 21:23:02    Local4.Info    200.0.0.100    %ASA-6-725003: SSL client outside:80.177.219.168/4946 request to resume previous session.

2010-04-10 21:23:02    Local4.Info    200.0.0.100    %ASA-6-725002: Device completed SSL handshake with client outside:80.177.219.168/4946

2010-04-10 21:23:02    Local4.Info    200.0.0.100    %ASA-6-725007: SSL session with client outside:80.177.219.168/4946 terminated.

2010-04-10 21:23:02    Local4.Info    200.0.0.100    %ASA-6-302014: Teardown TCP connection 1186 for outside:80.177.219.168/4946 to identity:217.37.175.6/443 duration 0:00:00 bytes 126 TCP Reset-I

2010-04-10 21:23:02    Local4.Info    200.0.0.100    %ASA-6-302013: Built inbound TCP connection 1187 for outside:80.177.219.168/4949 (80.177.219.168/4949) to identity:217.37.175.6/443 (217.37.175.6/443)

2010-04-10 21:23:02    Local4.Info    200.0.0.100    %ASA-6-725001: Starting SSL handshake with client outside:80.177.219.168/4949 for TLSv1 session.

2010-04-10 21:23:02    Local4.Info    200.0.0.100    %ASA-6-725003: SSL client outside:80.177.219.168/4949 request to resume previous session.

2010-04-10 21:23:02    Local4.Info    200.0.0.100    %ASA-6-725002: Device completed SSL handshake with client outside:80.177.219.168/4949

2010-04-10 21:23:02    Local4.Info    200.0.0.100    %ASA-6-302013: Built inbound TCP connection 1188 for outside:80.177.219.168/4952 (80.177.219.168/4952) to identity:217.37.175.6/443 (217.37.175.6/443)

2010-04-10 21:23:02    Local4.Info    200.0.0.100    %ASA-6-725001: Starting SSL handshake with client outside:80.177.219.168/4952 for TLSv1 session.

2010-04-10 21:23:02    Local4.Info    200.0.0.100    %ASA-6-725003: SSL client outside:80.177.219.168/4952 request to resume previous session.

2010-04-10 21:23:02    Local4.Info    200.0.0.100    %ASA-6-725002: Device completed SSL handshake with client outside:80.177.219.168/4952

2010-04-10 21:23:02    Local4.Info    200.0.0.100    %ASA-6-725007: SSL session with client outside:80.177.219.168/4952 terminated.

2010-04-10 21:23:02    Local4.Info    200.0.0.100    %ASA-6-302014: Teardown TCP connection 1188 for outside:80.177.219.168/4952 to identity:217.37.175.6/443 duration 0:00:00 bytes 126 TCP Reset-I

2010-04-10 21:23:03    Local4.Info    200.0.0.100    %ASA-6-302013: Built inbound TCP connection 1189 for outside:80.177.219.168/4955 (80.177.219.168/4955) to identity:217.37.175.6/443 (217.37.175.6/443)

2010-04-10 21:23:03    Local4.Info    200.0.0.100    %ASA-6-725001: Starting SSL handshake with client outside:80.177.219.168/4955 for TLSv1 session.

2010-04-10 21:23:03    Local4.Info    200.0.0.100    %ASA-6-725003: SSL client outside:80.177.219.168/4955 request to resume previous session.

2010-04-10 21:23:03    Local4.Info    200.0.0.100    %ASA-6-725002: Device completed SSL handshake with client outside:80.177.219.168/4955

2010-04-10 21:23:04    Local4.Debug    200.0.0.100    %ASA-7-710005: TCP request discarded from 221.192.199.49/12200 to outside:217.37.175.6/8080

2010-04-10 21:23:04    Local4.Info    200.0.0.100    %ASA-6-302013: Built inbound TCP connection 1190 for outside:80.177.219.168/4959 (80.177.219.168/4959) to identity:217.37.175.6/443 (217.37.175.6/443)

2010-04-10 21:23:04    Local4.Info    200.0.0.100    %ASA-6-725001: Starting SSL handshake with client outside:80.177.219.168/4959 for TLSv1 session.

2010-04-10 21:23:04    Local4.Debug    200.0.0.100    %ASA-7-725010: Device supports the following 4 cipher(s).

2010-04-10 21:23:04    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[1] : RC4-SHA

2010-04-10 21:23:04    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[2] : AES128-SHA

2010-04-10 21:23:04    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[3] : AES256-SHA

2010-04-10 21:23:04    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[4] : DES-CBC3-SHA

2010-04-10 21:23:04    Local4.Debug    200.0.0.100    %ASA-7-725008: SSL client outside:80.177.219.168/4959 proposes the following 8 cipher(s).

2010-04-10 21:23:04    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[1] : RC4-MD5

2010-04-10 21:23:04    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[2] : RC4-SHA

2010-04-10 21:23:04    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[3] : DES-CBC3-SHA

2010-04-10 21:23:04    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[4] : DES-CBC-SHA

2010-04-10 21:23:04    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[5] : EXP-RC4-MD5

2010-04-10 21:23:04    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[6] : EXP-RC2-CBC-MD5

2010-04-10 21:23:04    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[7] : EDH-DSS-DES-CBC3-SHA

2010-04-10 21:23:04    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[8] : EDH-DSS-DES-CBC-SHA

2010-04-10 21:23:04    Local4.Debug    200.0.0.100    %ASA-7-725012: Device chooses cipher : RC4-SHA for the SSL session with client outside:80.177.219.168/4959

2010-04-10 21:23:04    Local4.Info    200.0.0.100    %ASA-6-725002: Device completed SSL handshake with client outside:80.177.219.168/4959

2010-04-10 21:23:05    Local4.Info    200.0.0.100    %ASA-6-725007: SSL session with client outside:80.177.219.168/4959 terminated.

2010-04-10 21:23:05    Local4.Info    200.0.0.100    %ASA-6-302014: Teardown TCP connection 1190 for outside:80.177.219.168/4959 to identity:217.37.175.6/443 duration 0:00:00 bytes 575 TCP Reset-I

2010-04-10 21:23:08    Local4.Info    200.0.0.100    %ASA-6-302013: Built inbound TCP connection 1191 for outside:80.177.219.168/4962 (80.177.219.168/4962) to identity:217.37.175.6/443 (217.37.175.6/443)

2010-04-10 21:23:08    Local4.Info    200.0.0.100    %ASA-6-725001: Starting SSL handshake with client outside:80.177.219.168/4962 for TLSv1 session.

2010-04-10 21:23:08    Local4.Info    200.0.0.100    %ASA-6-725003: SSL client outside:80.177.219.168/4962 request to resume previous session.

2010-04-10 21:23:08    Local4.Info    200.0.0.100    %ASA-6-725002: Device completed SSL handshake with client outside:80.177.219.168/4962

2010-04-10 21:23:09    Local4.Info    200.0.0.100    %ASA-6-302013: Built inbound TCP connection 1192 for outside:80.177.219.168/4966 (80.177.219.168/4966) to identity:217.37.175.6/443 (217.37.175.6/443)

2010-04-10 21:23:09    Local4.Info    200.0.0.100    %ASA-6-725001: Starting SSL handshake with client outside:80.177.219.168/4966 for TLSv1 session.

2010-04-10 21:23:09    Local4.Debug    200.0.0.100    %ASA-7-725010: Device supports the following 4 cipher(s).

2010-04-10 21:23:09    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[1] : RC4-SHA

2010-04-10 21:23:09    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[2] : AES128-SHA

2010-04-10 21:23:09    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[3] : AES256-SHA

2010-04-10 21:23:09    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[4] : DES-CBC3-SHA

2010-04-10 21:23:09    Local4.Debug    200.0.0.100    %ASA-7-725008: SSL client outside:80.177.219.168/4966 proposes the following 6 cipher(s).

2010-04-10 21:23:09    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[1] : AES256-SHA

2010-04-10 21:23:09    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[2] : AES128-SHA

2010-04-10 21:23:09    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[3] : DES-CBC3-SHA

2010-04-10 21:23:09    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[4] : RC4-SHA

2010-04-10 21:23:09    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[5] : RC4-MD5

2010-04-10 21:23:09    Local4.Debug    200.0.0.100    %ASA-7-725011: Cipher[6] : DES-CBC-SHA

2010-04-10 21:23:09    Local4.Debug    200.0.0.100    %ASA-7-725012: Device chooses cipher : RC4-SHA for the SSL session with client outside:80.177.219.168/4966

2010-04-10 21:23:09    Local4.Info    200.0.0.100    %ASA-6-725002: Device completed SSL handshake with client outside:80.177.219.168/4966

2010-04-10 21:23:09    Local4.Debug    200.0.0.100    %ASA-7-737001: IPAA: Received message 'UTL_IP_[IKE_]ADDR_REQ'

2010-04-10 21:23:09    Local4.Notice    200.0.0.100    %ASA-5-737003: IPAA: DHCP configured, no viable servers found for tunnel-group 'Remoteaccess'

2010-04-10 21:23:09    Local4.Info    200.0.0.100    %ASA-6-737026: IPAA: Client assigned 172.22.0.1 from local pool

2010-04-10 21:23:09    Local4.Info    200.0.0.100    %ASA-6-737006: IPAA: Local pool request succeeded for tunnel-group 'Remoteaccess'

2010-04-10 21:23:09    Local4.Notice    200.0.0.100    %ASA-5-722033: Group <VPNUsers> User <Mark> IP <80.177.219.168> First TCP SVC connection established for SVC session.

2010-04-10 21:23:09    Local4.Info    200.0.0.100    %ASA-6-722022: Group <VPNUsers> User <Mark> IP <80.177.219.168> TCP SVC connection established with compression

2010-04-10 21:23:09    Local4.Warning    200.0.0.100    %ASA-4-722051: Group <VPNUsers> User <Mark> IP <80.177.219.168> Address <172.22.0.1> assigned to session

2010-04-10 21:23:09    Local4.Notice    200.0.0.100    %ASA-5-722010: Group <VPNUsers> User <Mark> IP <80.177.219.168> SVC Message: 16/ERROR: Failed to fully establish a connection to the secure gateway (proxy authentication, handshake, bad cert, etc.)..

2010-04-10 21:23:09    Local4.Notice    200.0.0.100    %ASA-5-722037: Group <VPNUsers> User <Mark> IP <80.177.219.168> SVC closing connection: User Requested.

2010-04-10 21:23:09    Local4.Info    200.0.0.100    %ASA-6-716002: Group <VPNUsers> User <Mark> IP <80.177.219.168> WebVPN session terminated: User Requested.

2010-04-10 21:23:09    Local4.Warning    200.0.0.100    %ASA-4-113019: Group = Remoteaccess, Username = Mark, IP = 80.177.219.168, Session disconnected. Session Type: SSL, Duration: 0h:00m:09s, Bytes xmt: 11890, Bytes rcv: 3131, Reason: User Requested

2010-04-10 21:23:09    Local4.Info    200.0.0.100    %ASA-6-737016: IPAA: Freeing local pool address 172.22.0.1

2010-04-10 21:23:09    Local4.Info    200.0.0.100    %ASA-6-722023: Group <VPNUsers> User <Mark> IP <80.177.219.168> TCP SVC connection terminated with compression

2010-04-10 21:23:09    Local4.Debug    200.0.0.100    %ASA-7-722029: Group <VPNUsers> User <Mark> IP <80.177.219.168> SVC Session Termination: Conns: 1, DPD Conns: 0, Comp resets: 0, Dcmp resets: 0.

2010-04-10 21:23:09    Local4.Debug    200.0.0.100    %ASA-7-722030: Group <VPNUsers> User <Mark> IP <80.177.219.168> SVC Session Termination: In: 0 (+120) bytes, 0 (+1) packets, 0 drops.

2010-04-10 21:23:09    Local4.Debug    200.0.0.100    %ASA-7-722031: Group <VPNUsers> User <Mark> IP <80.177.219.168> SVC Session Termination: Out: 761 (+23) bytes, 1 (+1) packets, 0 drops.

2010-04-10 21:23:09    Local4.Info    200.0.0.100    %ASA-6-725007: SSL session with client outside:80.177.219.168/4966 terminated.

mawallace Sat, 04/10/2010 - 15:00

Sorted!!


It was Kaspersky Anti Virus running on my PC - not too sure what I need to disable but by turning off protection on a temporary basis it worked!

Brett Bajcsi Thu, 05/24/2012 - 17:23

I know this topic is really old. However, we have the same problem with Kaspersky.  There are two ways to make it work after a fresh install. 


1) You can reboot the computer. It will connect fine after that.

2) Disable Kaspersky, connect to the VPN.  Disconnect from the VPN, reenable Kaspersky.  It will always connect after that.
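
An added example, not part of the thread and not Cisco code: a small Python triage script for syslog output in the format posted in the question. It pairs each client socket's TLS handshake with its TCP teardown and extracts the `722010` client message, which is the line carrying "SVC Message: 16". The function names and the 1000-byte threshold are assumptions; the sample lines are copied from the question's debug output.

```python
import re
from collections import defaultdict

# Subset of the debug output posted in the question, embedded for an offline run.
SAMPLE = """\
2010-04-10 21:23:04    Local4.Debug    200.0.0.100    %ASA-7-725012: Device chooses cipher : RC4-SHA for the SSL session with client outside:80.177.219.168/4959
2010-04-10 21:23:04    Local4.Info    200.0.0.100    %ASA-6-725002: Device completed SSL handshake with client outside:80.177.219.168/4959
2010-04-10 21:23:05    Local4.Info    200.0.0.100    %ASA-6-302014: Teardown TCP connection 1190 for outside:80.177.219.168/4959 to identity:217.37.175.6/443 duration 0:00:00 bytes 575 TCP Reset-I
2010-04-10 21:23:09    Local4.Info    200.0.0.100    %ASA-6-725002: Device completed SSL handshake with client outside:80.177.219.168/4966
2010-04-10 21:23:09    Local4.Notice    200.0.0.100    %ASA-5-722010: Group <VPNUsers> User <Mark> IP <80.177.219.168> SVC Message: 16/ERROR: Failed to fully establish a connection to the secure gateway (proxy authentication, handshake, bad cert, etc.)..
"""

HEADER = re.compile(r"^(?P<ts>\S+ \S+)\s+\S+\s+\S+\s+%ASA-\d-(?P<id>\d{6}): (?P<msg>.*)$")
PEER = re.compile(r"outside:(\d{1,3}(?:\.\d{1,3}){3}/\d+)")
TEARDOWN = re.compile(r"duration (\S+) bytes (\d+) (.+)$")
SVC = re.compile(r"User <(?P<user>[^>]*)> IP <(?P<ip>[^>]*)> "
                 r"SVC Message: (?P<code>\d+)/(?P<level>\w+): (?P<text>.*)$")

def triage(log):
    """Return (per-client-socket TLS summary, list of SVC client messages)."""
    conns, svc = defaultdict(dict), []
    for line in log.splitlines():
        h = HEADER.match(line.strip())
        if not h:
            continue  # not an ASA syslog line in this format
        msg_id, msg = h["id"], h["msg"]
        peer = PEER.search(msg)
        if msg_id == "725012" and peer:      # cipher the ASA selected
            conns[peer[1]]["cipher"] = msg.split("cipher : ")[1].split()[0]
        elif msg_id == "725002" and peer:    # TLS handshake completed
            conns[peer[1]]["handshake"] = True
        elif msg_id == "302014" and peer:    # TCP teardown with byte count and reason
            t = TEARDOWN.search(msg)
            if t:
                conns[peer[1]].update(bytes=int(t[2]), teardown=t[3])
        elif msg_id == "722010":             # message reported by the client
            s = SVC.search(msg)
            if s:
                svc.append({"ts": h["ts"], **s.groupdict()})
    return dict(conns), svc

def short_lived_resets(conns, max_bytes=1000):
    """Sockets that completed TLS but were reset after very little data (assumed threshold)."""
    return sorted(p for p, c in conns.items() if c.get("handshake")
                  and "Reset" in c.get("teardown", "") and c.get("bytes", 0) <= max_bytes)

if __name__ == "__main__":
    conns, svc = triage(SAMPLE)
    print(short_lived_resets(conns), svc)
```
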
