I upgraded my AnyConnect packages to 3.1.04066 (win and osx) from 3.1.0.04059 yesterday and now I can no longer connect to the ASA with my OSX-client. Windows client still works fine and connects to the ASA.
The ASA is using a self-signed certificate and no other changes have been made but changing the webdeployment-packages containing the client for Windows and OSX.
I get two errormessages:
Any thoughts on this problem?
I have tried to remove the .anyconnect file under the users home folder in OSX.
I have reinstalled the client on the OSX-computer
Regenerated a new certificate on the ASA and that certificate works fine with the wondows client but no luck with OSX.
The problem is with FIPS (Federal Information Processing Standard). On default ASA disables it but in 3.1.04066 OSX client there's a bug that forces it on. FIPS wont accept default self-signed certificates and prevents the connection.
To fix the issue, upgrade or downgrade your client. Currently newest version is 3.1.04072 that also has some improvements for OSX 10.9
The root of the problem is still the default self-signed certificate that anyconnect uses. This might also cause annoying security warning pop-ups whenever a user connects to an ASA with these default certificate settings.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :