cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2556
Views
3
Helpful
9
Replies

SSL VPN error

suthomas1
Level 6
Level 6

Hello folks,

We are getting following error when accessing a server resource over SSL VPN,.

"the server certificate or its chain does not comply with FIPS....."

I did check on cisco and it says it is related to some cryptography standards. But am unable to understand in what circumstance this error can

occur, specially it is just seen and wasnt seen before accessing the same resource over ssl vpn.

I am tryin to gather more data on this error from the reported person. But that may take couple of days.

Meanwhile, will appreciate if i can get any info regarding this from any members who have faced this before.

Thanks in advance!

1 Accepted Solution

Accepted Solutions

2.3, 2.4 and 2.5 are listed as affected. Just double check that 2.2 is not listed in the bug. You might want to downgrade to 2.2 if that is not giving you the error.

Which 2.4 version in particular did you use?

View solution in original post

9 Replies 9

Jennifer Halim
Cisco Employee
Cisco Employee

Seems like you are hitting this bug: CSCta18665 - Need to verify FIPS compliance for server certs on Windows platforms.

Unfortunately bug details are internal, so you might want to open a TAC case.

However, what version of AnyConnect is the user running? and I assume it's AnyConnect windows?

anyconnect vpn client verison being used is 2.2.0136.

Does this cause any issues?

Yes, version 2.2 is affected.

Please upgrade it to the latest version of 2.4.1012

Thanks, however when the 2.2 client was used , the error doesnt appear.

Later learnt that the error during login( user cant login using 2.4 ver) appeared when client was 2.4 version.

any suggestions on how this is the case .

Appreciate your help!

2.3, 2.4 and 2.5 are listed as affected. Just double check that 2.2 is not listed in the bug. You might want to downgrade to 2.2 if that is not giving you the error.

Which 2.4 version in particular did you use?

thanks,this got solved, i asked the user to reinstall to older 2.2 ver and it works fine.

Appreciate your assistance!

Hello Suthomas,

I am experiencing the same issue now.May I know you the server of your SSL?Router or ASA....    If it's router please advise the type and IOS version.Thanks.

It was on ASA . User had somehow tried to run an upgraded version of anyconnect.

got resolved after it was downgraded to original.

let me know if you need more information to help your cause.

Hi,

My equitment is routers.I tried to test with cisco 2611/3745/2811.However got the same error.Do you have any suggestion?Thanks.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: