Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6057
Views
15
Helpful
4
Replies

CSCvq38085 - Posture fails with "Posture failed due to server issues". when Primary PAN is unreachable

Go to solution
dpereziii
Level 1
Level 1

‎10-01-2019 08:12 AM

I'm receiving this error when posture is running system check on AnyConnect, but instead of the primary, it's due to a specific node. Does not matter whether it's primary or secondary. When i stop the services on this specific node, the system check finishes and assign client to the compliance group accordingly. We're running a two-node setup.

Labels:
1 Accepted Solution

Accepted Solutions

Go to solution
dpereziii
Level 1
Level 1

‎10-01-2019 09:27 AM

I figured it out. The wildcard cert on one of the nodes was faulty. Although the second node was a exact restore of the primary, the SANs were missing from the cert. I remove the cert and added it back, restarted the nodes and everything is in working order. Wonder if this was a bug that was mentioned in the recent software updates and bugs.

View solution in original post

0 Helpful
4 Replies 4

Go to solution
dpereziii
Level 1
Level 1

‎10-01-2019 09:27 AM

I figured it out. The wildcard cert on one of the nodes was faulty. Although the second node was a exact restore of the primary, the SANs were missing from the cert. I remove the cert and added it back, restarted the nodes and everything is in working order. Wonder if this was a bug that was mentioned in the recent software updates and bugs.

0 Helpful

Go to solution
jont717
Level 1
Level 1
In response to dpereziii

‎12-11-2019 08:19 AM

Is there a fix?  I am running 2.6 patch 3 and have the same issue. 

 

Posture will not work on secondary PAN/PSN when the primary is unreachable.  Not good! 

Go to solution
dpereziii
Level 1
Level 1
In response to jont717

‎12-11-2019 11:01 AM

They said this is fixed in their patch 3. Did you resync the nodes and/or try promoting the primary? I'm still on 2.4 patch 10.

0 Helpful

Go to solution
jont717
Level 1
Level 1
In response to dpereziii

‎12-11-2019 12:17 PM

Yes.  Tried everything.  Am running patch 3 with no luck. 

 

TAC case open. 

Customers Also Viewed These Support Documents