Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation

Who Me Too'd this topic

Anyconnect client login process stuck, when DAP is enabled

ronnie.shih
Level 1
Level 1

‎03-18-2024 09:30 AM

I have a brand new pair of Cisco FTD virtual running v7.4.1 code.  When DAP is enabled with hostscan scanning look for Crowdstrike AV >= v5.0 and presence of Windows domain membership registry string, the Anyconnect client gets stuck at the "Please complete the authentication process in the Anyconnect Login window" or sometimes the "Hostscan Mission complete" window.  The Anyconnect login error does not time out for a long time, at least 15 to 20 minutes.  I have a second pair of Cisco FTDv running the exact same code and set of DAP criteria but does not have the same issue.  Hostscan being used is v4.10.08025-k9.  I have verified that my SAML setup against Okta is good.  The minute I take DAP off the remote access policy, everything works, hence SAML setup and remote access group policy are good.

The log that I'm able to extract from the endpoint logging in using the 'cscan.log' situated in the c:\users\username\appdata\local\cisco\Cisco HostScan\log directory shows these lines specifically at point of failure.  Hostscan is actually completing, but results fail to send it appears:

[Thu Mar 14 10:55:17.530 2024][cscan]Function: log_cb_hostscan Thread Id: 0x2B04 File: c:\temp\build\thehoff\phoenix_mr80.290577643163\phoenix_mr8\posture\asa\cscan\scan.c Line: 53 Level: error :Failed in condition: opSuccess != status   -> this shows that scan is completing successfully.

[Thu Mar 14 10:55:18.925 2024][cscan]Function: hs_transport_curl_post Thread Id: 0x2B04 File: c:\temp\build\thehoff\phoenix_mr80.290577643163\phoenix_mr8\posture\common\libhstransport\hs_transport_curl.c Line: 3787 Level: error :libcurl error: 56 Error
[Thu Mar 14 10:55:18.928 2024][cscan]Function: asa_post_dap Thread Id: 0x2B04 File: c:\temp\build\thehoff\phoenix_mr80.290577643163\phoenix_mr8\posture\asa\libasa\asa.c Line: 504 Level: error :results send failed; to peer (https://xx.xx.xx.xx).
[Thu Mar 14 10:55:20.165 2024][cscan]Function: asa_post_dap Thread Id: 0x2B04 File: c:\temp\build\thehoff\phoenix_mr80.290577643163\phoenix_mr8\posture\asa\libasa\asa.c Line: 514 Level: error :unable to retrieve post response.
[Thu Mar 14 10:55:21.177 2024][cscan]Function: scan Thread Id: 0x2B04 File: c:\temp\build\thehoff\phoenix_mr80.290577643163\phoenix_mr8\posture\asa\cscan\main.c Line: 986 Level: error :failed to post scan results.
[Thu Mar 14 10:55:21.182 2024][cscan]Function: halt Thread Id: 0x2B04 File: c:\temp\build\thehoff\phoenix_mr80.290577643163\phoenix_mr8\posture\asa\cscan\main.c Line: 83 Level: all :goodbye (0)

 

I have had a case with TAC for over a week now and it's getting nowhere so far.

1 person had this problem
Labels:
Who Me Too'd this topic