Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
16047
Views
0
Helpful
3
Replies

Anyconnect SSL client uses IPSec?

Go to solution
tato386
Level 6
Level 6

‎07-27-2014 02:24 PM - edited ‎03-11-2019 09:32 PM

I am trying to setup an AnyConnect SSL VPN connection and receiving an IPsec error?  The error I am getting is:

"The IPsec VPN was terminated due to an authentication failure or timeout"

The Group policy that I am using has only SSL AnyConnect checked off. So I am confused as to why the error mentions IPSec.   Furthermore,  I found the error in the AnyConnect documentation but if only serves to further confuse me.  It states that this error is caused due to  authentication error or certificate issues.

But the error comes after I authenticated at the portal and the client has been downloaded.  I also hit "connect anyway" at the SSL cert warning appears.  So it would seem that the issues the documentation mentions do not apply to this situation.

Any ideas?

TIA.

2 people had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-27-2014 08:43 PM

What is the transport protocol specified in your locally-stored connection profile? (xml file stored in "C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile" on Windows 7).

That setting determines what transport is used / attempted. You will generally still use SSL for client services (updating AnyConnect and profile updates most commonly) and thus see the SSL certificate being used whether or not the VPN is SSL or IPsec with IKEv2.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎07-27-2014 08:43 PM

What is the transport protocol specified in your locally-stored connection profile? (xml file stored in "C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile" on Windows 7).

That setting determines what transport is used / attempted. You will generally still use SSL for client services (updating AnyConnect and profile updates most commonly) and thus see the SSL certificate being used whether or not the VPN is SSL or IPsec with IKEv2.

0 Helpful

Go to solution
tato386
Level 6
Level 6
In response to Marvin Rhoads

‎07-31-2014 12:40 PM

That did the trick!

 

Thank you sir.

Diego

0 Helpful

Go to solution
DeanSundquist5904
Level 1
Level 1
In response to Marvin Rhoads

‎10-30-2020 09:15 PM

Thanks, 6 years later still relevant.  Think this was a product of connecting my AnyConnect to many locations, one of which downloaded a profile, than affected my connection to another VPN.  Just deleted everything in that folder (C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile), and was on Windows 10. 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card