SSL VPN ERROR REMOTE TELEWORKER (Can not select private key)

mziskind1 · ‎10-07-2011

Hi All,

I am unsuccessfully trying to set-up a remote teleworker phone. I have set up the SSL VPN full tunnel mode. Installed anyconnect package 2.5.3055. Using softwware pack 8.2. Phone is 525g2.

Each time I try to connect to the VPN I receive an error on the phone. The SSL VPN debug log shows the message "Can not select private key ( < fqdn of the UC540 > )".

I have disabled the firewall and tested with the same result.

Anybody know how to remedy this one?

Thanks!

Darren DeCroock · ‎10-07-2011

Hello,

I would suggest trying to remove the trustpoint,then recreate, and re-enroll... This can only be done though CLI...

no crypto pki trustpoint TP-self-signed-xxxxxxxxxx <-- Replace xxxxxxx with number from config.

crypto pki trustpoint TP-self-signed-xxxxxxxxxx <-- Replace xxxxxxx with number from config.

enrollment terminal
subject-name cn=www.ansc-inc.net
revocation-check none
rsakeypair TP-self-signed-xxxxxxxxxx <-- Replace xxxxxxx with number from config.

cry pki enroll TP-self-signed-xxxxxxxxxx <-- Replace xxxxxxx with number from config.
NO
NO
Yes

Thank you,

Darren

mziskind1 · ‎10-10-2011

Thanks Darren. That was enough to get it straightened out.