Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Certificate error when using AnyConnect with AD and SecurID auth on a few clients

Hi,

We have an ASA5510 set up with AnyConnect Essentials, with clients connecting from both XP and Win7.

This works as expected on most clients, but on 3 XP clients we get a strange error.

They get the software installed and connects successfully the first time.

On every connection attempt after that, they get a message saying "VPN connection terminated, the certificate was not found on smart card or smart card not present".

We do not use certificates for authentication at all (only LDAP and securid).

Trying to connect with a known good username/password on one of these computers, gives the same error.

Connecting with one of the problem users on a known working VPN setup/PC works every time.

If we remove the AnyConnect Client from one of the problem computers and then installs it again, it works the first time (as before).

Then all attempts after that gives the samme error.

The connection profile and settings for the affected users are identical to all others who work.

What could the problem be ?

1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: Certificate error when using AnyConnect with AD and SecurID

upgrade to

3.0.5075 solved my problem

5 REPLIES
New Member

Re: Certificate error when using AnyConnect with AD and SecurID

Hi,

Try Clearing the SSL State on Internet Explorer Options in Windows XP. Go to control panel, internet options, content, "Clear SSL State"

Also, under "content" go to the Certificate's tab and under "Trusted Root Cert Authorities" see if the SSL Certiciate for yor ASA5510 Appliance is listed as the Public IP of the outside interface. If not, add it to this list and try connecting again.

Regards,

New Member

Re: Certificate error when using AnyConnect with AD and SecurID

Hi,

Thank you for the suggestions.

Tried clearing the SSL state with no success.

We are using a GoDaddy certificate for the device, so the GoDaddy root cert was already present.

What is strange is that connecting through the webpage works (after it has checked for updates etc), but directly from AnyConnect Secure Mobility Client gives the mentioned certificate error.

Best Regards,

Are

New Member

Re: Certificate error when using AnyConnect with AD and SecurID

I see the same error after upgrading to version 3.0.4235, but only with people that use isabel/smartcardreaders.

New Member

Re: Certificate error when using AnyConnect with AD and SecurID

upgrade to

3.0.5075 solved my problem

New Member

Re: Certificate error when using AnyConnect with AD and SecurID

Thank you for the information.

Just upgrading didn't work, but removing the client completely and then installing ver. 3.0.5075 worked.

3139
Views
0
Helpful
5
Replies