12-20-2011 07:41 AM - edited 02-21-2020 05:46 PM
My company recently pushed Sophos Endpoint Security and Control 9.7 to 2000 client machines..now we are having a random issue with certain machines where the anyconnect service isn't starting automatically although its set to do so. Keep in mind that it doesn't happen on all of our machines. Specifically, on Windows 7 Enterprise 32 bit and has also appeared to happend on 64 bit also. The error indicates that the "VPN agent service is not reponding. Please resart this application after a minute." If an administrator start the service, it works fine. However, if the user reboots, the service still doesn't automatically start...same issue happends on an adminstartors account. But again, all of our users aren't administrators on their machines to be able to start the service.
We've contacted Sophos and they indicate, they too use anyconnect but version 2.4 and aren't having these issues.
Please assist in anyway possible.
This is the error logs
Level: Warning
Source: vpnlap
Event ID: 1
Task Category: Engineering Debug Details
Function: XmlLocalACPolMgr::addAttribute
File: ..\Common\Xml\XmlLocalACPolMgr.cpp
Line:679
The parsed Local Security Policy File version is newer then the current AnyConnect Client. Unexpected behavior can result.
Level: Warning
Source: vpnlap
Event ID: 2
Task Category: Engineering Debug Details
Function: CVpnPlapImpl::isSBLEnabled
File: .\VpnPlapImpl.cpp
Line:289
Invoked Function: CVpnPlapImpl::isSBLEnabled
Return Code: 0 (0x00000000)
Description: The VPN agent is not running.
12-22-2011 06:06 PM
Hi,
From reading this thread regarding a similar issue in reference to Cisco AnyConnect 2.4 vs. Cisco AnyConnect 2.5 there are several possible solutions that could resolve your issue. If you read Jbeltrame’s post he was able to resolve his by running Cisco AnyConnect 2.5 as an administrator.
Is it possible for you to allow your users in to run just the Cisco AnyConnect 2.5 application as an administrator via GP (Group Policy)?
There is also another suggestion made by mulatif to check your ROOT certificates on Windows 7 and see if you have any that may be out-dated. As he states, “The certificate used for signing some DLLs in the Any Connect package has changed from 2.4 to 2.5. Please verify that the Windows PC is updated with the current Root Certificates.”
Jessica
Windows Outreach Team – IT Pro
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide