cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
13953
Views
5
Helpful
5
Replies

AnyConnect Compliance module error message

wileong
Cisco Employee
Cisco Employee

During compliance check the following error message pop-up. Any idea how to solve this?

 

"The requirement cannot be evaluated since you are connected to an untrusted server. Please contact your administrator"

 

Anyconnect Version = 4.7.01076

Compliance Module = 4.3.562.6144

 

Thanks

Wing Churn

1 Accepted Solution

Accepted Solutions

We've figured out the issue.  It turns out that on some of the posture checks that are run on the newer AnyConnect packages as well the ISE compliance module, they require for the cert being used in ISE to be trusted.  So we exported the self-signed default cert from ISE that we were using and imported it to the endpoint's trusted root certification authorities, and the posture checks were moved forward and continued.

View solution in original post

5 Replies 5

hslai
Cisco Employee
Cisco Employee

Not a known issue with ISE.

Please gather a DART bundle from the affected system, open a TAC case if not done already, and submit it to TAC for investigation.

briankk1582
Level 1
Level 1

Hi Wing Churn,

 

Were you able to find a solution to this issue?  Do we have to import a certificate from somewhere to the endpoints?

We've figured out the issue.  It turns out that on some of the posture checks that are run on the newer AnyConnect packages as well the ISE compliance module, they require for the cert being used in ISE to be trusted.  So we exported the self-signed default cert from ISE that we were using and imported it to the endpoint's trusted root certification authorities, and the posture checks were moved forward and continued.


Good to hear that. We did not continue further as it was a time sensitive PoV.

 

Thanks

Wing Churn

Hi I run anyconnect 4.10 with latest compliance module. 

I am still getting the pop up

 

FYI i have the certificates trusted for all services and also it is signed by internal CA.

 

Still showing this error.

 

"The requirement cannot be evaluated since you are connected to an untrusted server. Please contact your administrator"

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: