Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Error - AnyConnect cannot confirm it is connected to your secure gateway

Hello,

Environment Details:

OS - Ubuntu 9 64 bit

AnyConnect 2.5 64 bit.

When attempting to connect to a site that uses a self signed certificate AnyConnect displays :

"AnyConnect cannot confirm it is connected to your secure gateway"

I noticed in the release notes it mentioned this error is caused when strict mode is enabled. Does strict mode need to be disable? If so, how? I'm able to connect in a Windows 7 environment, but a dialog does display asking if I want to trust the untrusted source. Any ideas?

Thanks,

Steve

7 REPLIES
Cisco Employee

Re: Error - AnyConnect cannot confirm it is connected to your se

Steve,

I'm not an expert on this matter but I can have a look.

Can you show me "show tech" from headend and make an strace with a failing connection?

Marcin

New Member

Re: Error - AnyConnect cannot confirm it is connected to your se

I'm don't have access to the server. It looks like you are asking for output from the server process. Right? I did point the administration staff to this thread. Hopefully we'll be able to get you the requested info. In the meantime, I tried executing from the command line and came up with a slightly different error.

./vpn connect XXX.XXX.XXX.XXX
Cisco AnyConnect VPN Client (version 2.5.1025) .

Copyright (c) 2004 - 2010 Cisco Systems, Inc.
All Rights Reserved.


  >> state: Disconnected
  >> warning: No profile is available.  Please enter host to "Connect to".
  >> notice: VPN Service is available.
  >> registered with local VPN subsystem.
  >> state: Disconnected
  >> notice: VPN Service is available.
VPN>   >> contacting host (XXX.XXX.XXX.XXX) for login information...
  >> notice: Contacting XXX.XXX.XXX.XXX.
VPN>
  >> Please enter your username and password.

Username: [xxxxxx]
Password:
  >> state: Connecting
  >> notice: Establishing VPN session...
  >> error: The AnyConnect package on the secure gateway could not be located. You may be experiencing network connectivity issues. Please try connecting again.
  >> notice: Connection attempt has failed.
  >> state: Disconnected

Cisco Employee

Re: Error - AnyConnect cannot confirm it is connected to your se

Steve,

Strace is local on unix.

Try:

strace ./vpn connect XXX.XXX.XXX.XXX

Marcin

New Member

Re: Error - AnyConnect cannot confirm it is connected to your se

strace attached...

Cisco Employee

Re: Error - AnyConnect cannot confirm it is connected to your se

Steve,

Are you sure that linux Anyconnect package is available on the ASA?

I see this in strace:

"  >> error: The AnyConnect package on the secure gateway could not be located. You may be experiencing network connectivity issues. Please try connecting again."

Could be also related to:

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCte99278

Marcin

New Member

Re: Error - AnyConnect cannot confirm it is connected to your se

More info... When connecting via a Windows 7 client, a dialog displayed stating the connection attempt was to an untrusted source. Diving deeper into the dialog allowed importing the certificate into a keystore. I'm wondering if I could import that certificate on the Linux side. If so, do you know where the keystore used by the Linux version is located?

Cisco Employee

Re: Error - AnyConnect cannot confirm it is connected to your se

Steve,

Anyconnect on linux will use Firefox's certificate store.

Marcin

17684
Views
0
Helpful
7
Replies