12-01-2010 03:08 PM - edited 08-27-2017 10:35 PM
This document describes a scenario where user receives a message when Anyconnect fails to connect.
The following message is displayed during a failed anyconnect attempt:
"The server certificate received or its chain does not comply with FIPS. A VPN Connection will not be established"
You may want to check the Anyconnect Local Policy on the affected machine.
The AnyConnectLocalPolicy.xml can be found in the following directory on Windows XP:
C:\Documents and Settings\All Users\Application Data\Cisco\Cisco AnyConnect VPN Client
For Windows 7 or Vista:
C:\ProgramData\Cisco\Cisco AnyConnect VPN Client Edit the 'AnyConnectLocalPolicy.xml' file so that the Fips Mode is set to false: e.g. <FipsMode>false</FipsMode> Save the changes and launch another anyconnect session. A reboot of the PC may be necessary in some cases.
http://www.cisco.com/en/US/products/ps8411/prod_configuration_examples_list.html
Hi,
I have the same issue when I try to connect to my vpn. I am using linux 32 bit machine.
Please tell me how to fix this issue in linux..
Thanks,
Hi,
I did the above in my windows 10 PC but now getting some other error.
"AnyConnect was not able to establish a connection to the specified secure gateway.Please try connection again.
Any body resolved the issue in windows 10.
Thanks
Ashok
This Step is also work in Windows 10 i already tested and working.
C:\ProgramData\Cisco\Cisco AnyConnect VPN Client
Edit the 'AnyConnectLocalPolicy.xml' file so that the Fips Mode is set to false:
e.g.
<FipsMode>false</FipsMode>
Save the changes and launch another anyconnect session.
A reboot of the PC may be necessary in some cases.
Hi,
I am same problem, but I search in my computer and not find any file with this name: AnyConnectLocalPolicy.xml.
I'm try search in another locals and I find this file (C:\Users\david.camarotto\AppData\Local\Cisco\Cisco AnyConnect Secure Mobility Client\preferences.xml) but not have any information that you metion inside it.
<?xml version="1.0" encoding="UTF-8"?>
<AnyConnectPreferences>
<DefaultUser>david.camarotto</DefaultUser>
<DefaultSecondUser></DefaultSecondUser>
<ClientCertificateThumbprint></ClientCertificateThumbprint>
<ServerCertificateThumbprint></ServerCertificateThumbprint>
<DefaultHostName>201.54.6.162/sslmtel</DefaultHostName>
<DefaultHostAddress></DefaultHostAddress>
<DefaultGroup></DefaultGroup>
<ProxyHost></ProxyHost>
<ProxyPort></ProxyPort>
<SDITokenType>none</SDITokenType>
<ControllablePreferences>
<BlockUntrustedServers>false</BlockUntrustedServers></ControllablePreferences>
</AnyConnectPreferences>
Any other idea?
Can you look at this
C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client
Regards,
Dinesh Moudgil
P.S. Please rate helpful posts.
Hi,
We have uploaded the below Client in ASA,, removed AnyConnect from machine, re-installed and now the issue has been resolved.
anyconnect-win-3.1.13015-k9.pkg
Thanks and regards,
Ashok Kumar S.
the file is not there.
maybe it is hiden or it does exist at all.
regards
Moez
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: