Anyconnect log in error

Unanswered Question
Dec 12th, 2011

Anyone seen this before?

The VPN client was unable to setup IP filtering. A VPN connection will not be

established.

We have a Vendor trying to connect with Windows 7 and they are getting this error. I found this from the Cisco site but was wondering if anyone else had some feedback. I can't find anything on it!





The VPN client was unable to setup IP filtering. A VPN connection will not be

established.


Description    AnyConnect failed to apply the VPN configuration settings to its IP filtering subsystem. A VPN connection is not permitted because this failure could compromise both its security and data integrity. This error is unrecoverable.

Recommended User Response    Restart the computer or device. Restart the VPN connection. Run DART. (See Using DART to Gather Troubleshooting Information <http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect30/administration/guide/ac12managemonitortbs.html#wp1058615> .) Report the error to your organization's technical support and include the DART bundle.

Recommended Administrator Response    Open a case with the Cisco Technical Assistance Center (TAC) and include the DART bundle.

I have this problem too.
1 vote
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 0 (2 ratings)
mearias Thu, 01/05/2012 - 12:50

Hello.

The error message you are receiving is an specific error message related to the "Base Filtering Engine" system service being disabled.

See info about BFE here:

http://maximumpcguides.com/windows-7/what-is-the-base-filtering-engine-bfe-service/

AnyConnect makes a best-effort attempt to enable and start this service upon the vpnagent service startup (not covered by logs).

Try to  restart the vpnagent service and try to establish the VPNconnection.

Ensure that the "Base Filtering Engine" (BFE) system service is running if the same error ever resurfaces, which may happen if a user or some third-party app disables/stops that service while the vpnagent service is already running. (Again, AnyConnect only makes a one-time effort to enable the BFE service.) 

We can also attempt to  set the BFE service to automatic.

Checkout how to find the service:

Hope it helps!

Actions

Login or Register to take actions

This Discussion

Posted December 12, 2011 at 11:02 AM
Stats:
Replies:2 Avg. Rating:
Views:45492 Votes:1
Shares:0
Tags: No tags.

Discussions Leaderboard