cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
77629
Views
5
Helpful
8
Replies

Cisco any connect not working after java update.

jerry1091
Level 1
Level 1

After the recent Java 6 Update 29, the Cisco any connect vpn client (2.5.2001) fails to work, hanging at the java part in all not IE browsers.

I've searched but have not found this issue mentioned any where.

We have tested many systems and they all have this same issue.

Can someone point me in the right direction?

Thanks

8 Replies 8

edjubenville
Level 1
Level 1

I have a similar problem.  Yesterday I installed the following Java Development Kit to try some Android app development on a WinXP machine:

    jdk-7u1-windows-i586.exe

Today I discovered that my Cisco AnyConnect VPN client hangs in Firefox 7 at the point of this message:  "Using Sun Java for Installation, Getting the Sun applet.  Please wait...".  Firefox hangs, and must be forcibly terminated.

Also tried it in IE8, but it breaks more vocally there, causing IE8 to close the tab with prejudice, try to recover it, then close it again declaring defeat.

Is this a CISCO problem or a Java problem?

ken2johnson
Level 1
Level 1

I am also having this problem with both 1.6.29 and 1.7 versions of Java. The browser doesn't seem to make a difference. They all crash or hang at different points in the connecting process. I enabled Java debugging and now it tells me that there is a General exception error that is happening when it looks like the browser is hanging at "Getting the Sun applet. Please wait...". For now, my solution is to uninstall Java 1.6.29 and reinstall 1.6.27. Here are more details about this issue.

I have AnyConnect client version 2.5.3041 installed on my computer. Also, I connect to a variety of ASA firewalls running different versions of the OS and AnyConnect software. I can always connect to an ASA 5505 that has OS version 8.2(5) and AnyConnect version 2.5.3041, but Firefox always hangs when I try to connect to an ASA running 8.2(1)11 that has AnyConnect 2.4.1012 on it. So, I think we need to upgrade at least the AnyConnect version on each ASA and maybe even the OS version. This should allow us to install the latest Java releases and still be able to connect to our ASA firewalls. I hope this helps others having this problem.

Below I have pasted the details of the exception error for anyone at Cisco or Oracle that wants to look into this.

-------------------------------------------

java.lang.NullPointerException

at java.util.zip.ZipFile.(Unknown Source)

at java.util.jar.JarFile.(Unknown Source)

at java.util.jar.JarFile.(Unknown Source)

at sun.plugin.PluginURLJarFileCallBack$2.run(Unknown Source)

at java.security.AccessController.doPrivileged(Native Method)

at sun.plugin.PluginURLJarFileCallBack.retrieve(Unknown Source)

at sun.net.www.protocol.jar.URLJarFile.retrieve(Unknown Source)

at sun.net.www.protocol.jar.URLJarFile.getJarFile(Unknown Source)

at sun.net.www.protocol.jar.JarFileFactory.get(Unknown Source)

at sun.net.www.protocol.jar.JarURLConnection.connect(Unknown Source)

at sun.plugin.net.protocol.jar.CachedJarURLConnection.connect(Unknown Source)

at sun.plugin.net.protocol.jar.CachedJarURLConnection.getJarFileInternal(Unknown Source)

at sun.plugin.net.protocol.jar.CachedJarURLConnection.getJarFile(Unknown Source)

at com.sun.deploy.security.DeployURLClassPath$JarLoader.getJarFile(Unknown Source)

at com.sun.deploy.security.DeployURLClassPath$JarLoader.access$1000(Unknown Source)

at com.sun.deploy.security.DeployURLClassPath$JarLoader$1.run(Unknown Source)

at java.security.AccessController.doPrivileged(Native Method)

at com.sun.deploy.security.DeployURLClassPath$JarLoader.ensureOpen(Unknown Source)

at com.sun.deploy.security.DeployURLClassPath$JarLoader.(Unknown Source)

at com.sun.deploy.security.DeployURLClassPath$3.run(Unknown Source)

at java.security.AccessController.doPrivileged(Native Method)

at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)

at com.sun.deploy.security.DeployURLClassPath.getLoader(Unknown Source)

at com.sun.deploy.security.DeployURLClassPath.getResource(Unknown Source)

at sun.plugin2.applet.Plugin2ClassLoader$2.run(Unknown Source)

at java.security.AccessController.doPrivileged(Native Method)

at sun.plugin2.applet.Plugin2ClassLoader.findClassHelper(Unknown Source)

at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)

at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)

at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)

at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)

at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)

at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)

at java.lang.ClassLoader.loadClass(Unknown Source)

at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)

at sun.plugin2.applet.Plugin2Manager.createApplet(Unknown Source)

at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)

at java.lang.Thread.run(Unknown Source)

I had the same issue with the same stack trace.

The jar the vpn client is trying to load is blacklisted by the jvm. The jvm will not load the jar because it has security vulnerabilities:

http://www.oracle.com/technetwork/java/javase/6u29-relnotes-507960.html

http://www.cisco.com/en/US/products/products_security_advisory09186a0080b80123.shtml

If you go to Control Panel - Java, then click the Advanced tab, open Secutity-General from the tree list. Uncheck "Enable blacklist revocation check". Click apply.

The vpn application will now start without the null pointer exception. I think the real solution is for whoever is providing the vpn application to access their network, upgrade to the newer jars that aren't blacklisted by java.

Are there any new issues with this?

I am getting the same error message, even after disabling the "Enable blacklist revocation check" option.

Craig Lorentzen
Cisco Employee
Cisco Employee

Hello Jerry,

Jake has provided absolutely correct documentation.  He has also mentioned a workaround and the proper solution to upgrade to AnyConnect package loaded on the head-end device.

Please mark this issue resolved, or respond with what further concerns you have.

Thanks,

Craig

Infogal55
Level 1
Level 1

I have unchecked the

"Enable blacklist revocation check"

but still no luck.

System just sits and cranks away and then says:

Access Denied

Your system failed to be validated by the Cisco Secure Desktop and will not be granted access.
Critical failure.Cisco Secure Desktop must run and validate your system to proceed. Please verify your browser settings and configuration and retry.

I have tried turning off the firewall, complte got rid  of Mcafee, but still get the same message  that

"The sun java applet launch has ancountered an error."

I amusing Windows 7 which is up to date and Java is and also up to date.

hariprasad108
Level 1
Level 1

I have the same problem on Ubuntu Linux 15.10, Firefox browser 44.0. It worked with fresh Oracle Java 1.8 installation and IcedTea 8 Plugin till next standard upgrade Java 1.7. I checked, if everything is OK, but still Cisco Secure Desktop issues:

java.lang.ClassNotFoundException: InstallerJava.InstallerJava
    at sun.plugin2.applet.Applet2ClassLoader.findClass(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass0(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
    at sun.plugin2.applet.Plugin2ClassLoader.loadClass(Unknown Source)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:357)
    at sun.plugin2.applet.Plugin2ClassLoader.loadCode(Unknown Source)
    at sun.plugin2.applet.Plugin2Manager.initAppletAdapter(Unknown Source)
    at sun.plugin2.applet.Plugin2Manager$AppletExecutionRunnable.run(Unknown Source)
    at java.lang.Thread.run(Thread.java:745)

I don't know, how to configure Firefox, to find out proper Java installation.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: