03-16-2018 03:54 AM
Hi Experts,
I have an issue, where posture on anyconnect gets stuck at 26% while checking for conditions. I noticed that this is caused due to the SCCM patch definition check which has been specified in one of the conditions.
It is observed that on some machines, there is a certain health check process 'C:\Windows\CCM\ccmrepair.exe' runs, which temporary disables the SCCM client. During this health check, SCCM reports as running, however does not return any data when queried for the patch date. I have observed that this causes anyconnect to stay stuck at 26%, and did not progress any further despite waiting for over 30 minutes. This issue is seen when the condition is kept both mandatory as well as optional. When i kept the condition in the audit state, it got stuck at 96% - 'generating report'.
Is there any workaround to this issue, where we can skip the patch check if SCCM doesnt respond? or is there any method by which i can separately run the patch check condition every 2 days so that it doesnt clash with the health check schedule?
Thank You,
Ashwin
Solved! Go to Solution.
03-16-2018 03:04 PM
Please generate a DART right after AnyConnect got stuck at either situation, open a Cisco TAC case if no TAC case yet, and send the DART bundles to TAC for analysis.
03-16-2018 03:04 PM
Please generate a DART right after AnyConnect got stuck at either situation, open a Cisco TAC case if no TAC case yet, and send the DART bundles to TAC for analysis.
08-18-2019 08:49 PM
Can you let us know what was the resolution TAC provided?
06-14-2018 10:22 AM
Hi Ashwin,
Was this issue resolved for you? We are experiencing similar issues and have a TAC case open. If it was resolved for you, could you please provide a brief overview on the resolution? Appreciate any info provided, thanks!
08-07-2018 10:50 AM
So, I had a case open with Cisco for this issue. After 2 months of aggressive troubleshooting that had Microsoft involved too, Cisco determined it is a bug in the compliance module version 4.2.1538.0 and 4.3.122.0 . They have opened a bug https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvk68628/?reffering_site=dumpcr to track this issue. The work around they suggested was to disable SCCM updates check. We did it and the users don't experience this issue.
08-18-2019 08:39 PM
This there resolution where we not need to disable SCCM patch scan?
08-18-2019 08:49 PM
Can you let us know what TAC provided as solution?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: