10-01-2019 08:12 AM
I'm receiving this error when posture is running system check on AnyConnect, but instead of the primary, it's due to a specific node. Does not matter whether it's primary or secondary. When i stop the services on this specific node, the system check finishes and assign client to the compliance group accordingly. We're running a two-node setup.
Solved! Go to Solution.
10-01-2019 09:27 AM
I figured it out. The wildcard cert on one of the nodes was faulty. Although the second node was a exact restore of the primary, the SANs were missing from the cert. I remove the cert and added it back, restarted the nodes and everything is in working order. Wonder if this was a bug that was mentioned in the recent software updates and bugs.
10-01-2019 09:27 AM
I figured it out. The wildcard cert on one of the nodes was faulty. Although the second node was a exact restore of the primary, the SANs were missing from the cert. I remove the cert and added it back, restarted the nodes and everything is in working order. Wonder if this was a bug that was mentioned in the recent software updates and bugs.
12-11-2019 08:19 AM
Is there a fix? I am running 2.6 patch 3 and have the same issue.
Posture will not work on secondary PAN/PSN when the primary is unreachable. Not good!
12-11-2019 11:01 AM
They said this is fixed in their patch 3. Did you resync the nodes and/or try promoting the primary? I'm still on 2.4 patch 10.
12-11-2019 12:17 PM
Yes. Tried everything. Am running patch 3 with no luck.
TAC case open.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide