Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
5621
Views
5
Helpful
3
Replies

Can't connect to VPN office from my mac.

DanielSubandi
Level 1
Level 1

‎08-25-2021 05:03 AM

Hi Cisco team,

 

my anyconnect can not connect to my office VPN. The message is : 

"AnyConnect cannot confirm it is connected to your secure gateway.  The local network may not be trustworthy.  Please try another network."

 

Here I show my xml.

 

<?xml version="1.0" encoding="UTF-8"?>

<AnyConnectLocalPolicy xmlns="http://schemas.xmlsoap.org/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:s$

<BypassDownloader>false</BypassDownloader>

<ExcludeFirefoxNSSCertStore>false</ExcludeFirefoxNSSCertStore>

<ExcludeMacNativeCertStore>true</ExcludeMacNativeCertStore>

<ExcludePemFileCertStore>false</ExcludePemFileCertStore>

<ExcludeWinNativeCertStore>false</ExcludeWinNativeCertStore>

<FipsMode>false</FipsMode>

<RestrictHelpWebDeploy>false</RestrictHelpWebDeploy>

<RestrictLocalizationWebDeploy>false</RestrictLocalizationWebDeploy>

<RestrictPreferenceCaching>false</RestrictPreferenceCaching>

<RestrictResourceWebDeploy>false</RestrictResourceWebDeploy>

<RestrictScriptWebDeploy>false</RestrictScriptWebDeploy>

<RestrictServerCertStore>false</RestrictServerCertStore>

<RestrictTunnelProtocols>false</RestrictTunnelProtocols>

<RestrictWebLaunch>false</RestrictWebLaunch>

<StrictCertificateTrust>false</StrictCertificateTrust>

<UpdatePolicy>

<AllowComplianceModuleUpdatesFromAnyServer>true</AllowComplianceModuleUpdatesFromAnyServer>

<AllowHelpUpdatesFromAnyServer>true</AllowHelpUpdatesFromAnyServer>

<AllowISEProfileUpdatesFromAnyServer>true</AllowISEProfileUpdatesFromAnyServer>

<AllowLocalizationUpdatesFromAnyServer>true</AllowLocalizationUpdatesFromAnyServer>

<AllowManagementVPNProfileUpdatesFromAnyServer>true</AllowManagementVPNProfileUpdatesFromAnyServer>

<AllowResourceUpdatesFromAnyServer>true</AllowResourceUpdatesFromAnyServer>

<AllowScriptUpdatesFromAnyServer>true</AllowScriptUpdatesFromAnyServer>

<AllowServiceProfileUpdatesFromAnyServer>true</AllowServiceProfileUpdatesFromAnyServer>

<AllowSoftwareUpdatesFromAnyServer>true</AllowSoftwareUpdatesFromAnyServer>

<AllowVPNProfileUpdatesFromAnyServer>true</AllowVPNProfileUpdatesFromAnyServer></UpdatePolicy>

</AnyConnectLocalPolicy>

 

Can you help me?

 

regards,

Daniel

0 Helpful
3 Replies 3

Marius Gunnerud
VIP
VIP

‎08-25-2021 01:53 PM

In the AnyConnect app window, if you click the settings button at the bottom right , is "Block connection to untrusted servers" selected?  If so, unselect it and try to connect again.

--
Please remember to select a correct answer and rate helpful posts

DanielSubandi
Level 1
Level 1
In response to Marius Gunnerud

‎08-25-2021 07:47 PM

Hi Marius, in anyconnect app I only check "minimize anyconnect on VPN connect". Is there anything can I do?

0 Helpful

Marius Gunnerud
VIP
VIP
In response to DanielSubandi

‎08-27-2021 01:13 PM

Could you doublecheck the file .anyconnect located under /Users/<username> and see if the following entry is present:

<BlockUntrustedServers>false</BlockUntrustedServers></ControllablePreferences>

 

If the entry is present, I suggest running debug webvpn on the VPN headend while you try to connect.  What device is AnyConnect connecting to (ASA, FTD, router, etc.)?

--
Please remember to select a correct answer and rate helpful posts
0 Helpful
Review Cisco Networking for a $25 gift card
Top