Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3456
Views
0
Helpful
3
Replies

Anyconnect Downloader is installing Compliance Module 4.3.2403 Pop-up

SharveenNair51956
Level 1
Level 1

‎10-28-2021 06:18 AM

Each time users connect to VPN the Anyconnect installer pop-up before or while the posture scan run, but the newer compliance module has been installed to the endpoint but it still shows the pop-up every time they connect VPN.

 

The existing pre-deploy Compliance module is 4.3.1680 and upgrade to 4.3.2403 as Webdeploy from Cisco ISE to the endpoint.

 

VPN: Cisco ASA

ISE Version: 2.6

Patch: 9

Model: SNS-3515-K9

 

*Refer the attachment

 

Thank you.

1 person had this problem
Preview file
21 KB
0 Helpful
3 Replies 3

Mike.Cifelli
VIP Alumni
VIP Alumni

‎10-28-2021 10:17 AM

Each time users connect to VPN the Anyconnect installer pop-up before or while the posture scan run, but the newer compliance module has been installed to the endpoint but it still shows the pop-up every time they connect VPN.

-What version of AnyConnect is in use? 

-Are you working this with TAC too?

-Have you attempted to generate a DART bundle to parse logs?

-Is it possible clients get downgraded via another CPP result on another network perhaps when they move to on site? Then on VPN they get steered/pointed to the new CPP with the new compliance module?

0 Helpful

SharveenNair51956
Level 1
Level 1
In response to Mike.Cifelli

‎10-29-2021 09:12 AM

Initially we push and installed pre-deploy ISE Compliance module 4.3.1680 by SCCM to all endpoints. Later we decided to upgrade the Compliance module to 4.3.2403 by web deploy from ISE to endpoints.

We can see in AnyConnect setting under System Scan > Statistics show the 4.3.2403 version but when we check under control panel > "Program and Features" in windows it still shows the initial pre-deploy installation version which push manually by SCCM 4.3.1680.

 

 

1.Does this cause the installer pop-up frequently arise whenever they connect to VPN?

 

2. When the ISE push the newer version compliance module (4.3.2403) will it replace the existing pre-deploy compliance module (4.3.1680) in endpoint ? or it'll only change at AnyConnect settings under statistics?

 

- AnyConnect Version 4.10

 

- No TAC case been raised

 

- No haven't yet

0 Helpful

Mike.Cifelli
VIP Alumni
VIP Alumni

‎11-01-2021 05:32 AM

1.Does this cause the installer pop-up frequently arise whenever they connect to VPN?

-If the client is running a lesser/different version than what is configured in CPP AnyConnect result, then yes.  

2. When the ISE push the newer version compliance module (4.3.2403) will it replace the existing pre-deploy compliance module (4.3.1680) in endpoint ? or it'll only change at AnyConnect settings under statistics?

-AFAIK it should replace it.  

 

0 Helpful
Customers Also Viewed These Support Documents