Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2966
Views
0
Helpful
1
Replies

Cisco AnyConnect 2.5 and Sophos EndPoint 9.7

ServiceError
Level 1
Level 1

‎12-20-2011 07:41 AM - edited ‎02-21-2020 05:46 PM

My company recently pushed Sophos Endpoint Security and Control 9.7 to 2000 client machines..now we are having a random issue with certain machines where the anyconnect service isn't starting automatically although its set to do so. Keep in mind that it doesn't happen on all of our machines.  Specifically, on Windows 7 Enterprise 32 bit and has also appeared to happend on 64 bit also.  The error indicates that the "VPN agent service is not reponding. Please resart this application after a minute."  If an administrator start the service, it works fine.  However, if the user reboots, the service still doesn't automatically start...same issue happends on an adminstartors account.  But again, all of our users aren't administrators on their machines to be able to start the service.

We've contacted Sophos and they indicate, they too use anyconnect but version 2.4 and aren't having these issues. 

Please assist in anyway possible.

This is the error logs

Level: Warning

Source: vpnlap

Event ID: 1

Task Category: Engineering Debug Details

Function: XmlLocalACPolMgr::addAttribute

File: ..\Common\Xml\XmlLocalACPolMgr.cpp

Line:679

The parsed Local Security Policy File version is newer then the current AnyConnect Client. Unexpected behavior can result.

Level: Warning

Source: vpnlap

Event ID: 2

Task Category: Engineering Debug Details

Function: CVpnPlapImpl::isSBLEnabled

File: .\VpnPlapImpl.cpp

Line:289

Invoked Function: CVpnPlapImpl::isSBLEnabled

Return Code: 0 (0x00000000)

Description: The VPN agent is not running.

Labels:
0 Helpful
1 Reply 1

winoutreach5
Level 1
Level 1

‎12-22-2011 06:06 PM

Hi,

From reading this thread regarding a similar issue in reference to Cisco AnyConnect 2.4 vs. Cisco AnyConnect 2.5 there are several possible solutions that could resolve your issue. If you read Jbeltrame’s post he was able to resolve his by running Cisco AnyConnect 2.5 as an administrator.

Is it possible for you to allow your users in to run just the Cisco AnyConnect 2.5 application as an administrator via GP (Group Policy)?

There is also another suggestion made by mulatif to check your ROOT certificates on Windows 7 and see if you have any that may be out-dated. As he states, “The certificate used for signing some DLLs in the Any Connect package has changed from 2.4 to 2.5. Please verify that the Windows PC is updated with the current Root Certificates.”

Jessica
Windows Outreach Team – IT Pro

0 Helpful
Customers Also Viewed These Support Documents