Solved: CSCvq38085 - Posture fails with "Posture failed due to server issues". when Primary PAN is unreachab...

dpereziii · ‎10-01-2019

I'm receiving this error when posture is running system check on AnyConnect, but instead of the primary, it's due to a specific node. Does not matter whether it's primary or secondary. When i stop the services on this specific node, the system check finishes and assign client to the compliance group accordingly. We're running a two-node setup.

dpereziii · ‎10-01-2019

I figured it out. The wildcard cert on one of the nodes was faulty. Although the second node was a exact restore of the primary, the SANs were missing from the cert. I remove the cert and added it back, restarted the nodes and everything is in working order. Wonder if this was a bug that was mentioned in the recent software updates and bugs.

View solution in original post

dpereziii · ‎10-01-2019

I figured it out. The wildcard cert on one of the nodes was faulty. Although the second node was a exact restore of the primary, the SANs were missing from the cert. I remove the cert and added it back, restarted the nodes and everything is in working order. Wonder if this was a bug that was mentioned in the recent software updates and bugs.

jont717 · ‎12-11-2019

Is there a fix? I am running 2.6 patch 3 and have the same issue.

Posture will not work on secondary PAN/PSN when the primary is unreachable. Not good!

dpereziii · ‎12-11-2019

They said this is fixed in their patch 3. Did you resync the nodes and/or try promoting the primary? I'm still on 2.4 patch 10.

jont717 · ‎12-11-2019

Yes. Tried everything. Am running patch 3 with no luck.

TAC case open.

CSCvq38085 - Posture fails with "Posture failed due to server issues". when Primary PAN is unreachable