Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1005
Views
5
Helpful
4
Replies

anyconnect can't create virtual adapter

Jacob548784
Level 1
Level 1

‎02-16-2022 11:21 AM

Hi, 

 

i am running anyconnect 4.8 on WM win11 but crash on that with message : anyconnect was not able to esthablish a connection... 

(all FW, AV, all off, clean windows installation)

 

 

7:59:23 PM User credentials entered.
7:59:23 PM Please respond to banner.
7:59:24 PM User accepted banner.
7:59:24 PM Establishing VPN session...
7:59:24 PM The AnyConnect Downloader is performing update checks...
7:59:24 PM Checking for profile updates...
7:59:24 PM Checking for customization updates...
7:59:24 PM Performing any required updates...
7:59:24 PM The AnyConnect Downloader updates have been completed.
7:59:25 PM Establishing VPN - Initiating connection...
7:59:25 PM Establishing VPN session...
7:59:25 PM Establishing VPN - Examining system...
7:59:25 PM Establishing VPN - Activating VPN adapter...
7:59:25 PM Establishing VPN - Attempting to repair VPN adapter...
7:59:25 PM Connection attempt has failed.
7:59:25 PM VPN session ended.

 

any suggestion?

Labels:
4 Replies 4

Reza Sharifi
Hall of Fame
Hall of Fame

‎02-16-2022 12:11 PM

Hi,

 

Do you have access to ASDM to grab the logs?

 

HTH

 

0 Helpful

Jacob548784
Level 1
Level 1
In response to Reza Sharifi

‎02-16-2022 11:57 PM

Selecting cipher using DTLSv1.2

webvpn_cstp_parse_request_field()

...input: 'X-DTLS-Accept-Encoding: lzs'

Processing CSTL header line: 'X-DTLS-Accept-Encoding: lzs'

webvpn_cstp_parse_request_field()

...input: 'X-DTLS-Header-Pad-Length: 0'

webvpn_cstp_parse_request_field()

...input: 'X-CSTP-Accept-Encoding: lzs,deflate'

Processing CSTP header line: 'X-CSTP-Accept-Encoding: lzs,deflate'

webvpn_cstp_parse_request_field()

...input: 'X-CSTP-Protocol: Copyright (c) 2004 Cisco Systems, Inc.'

Processing CSTP header line: 'X-CSTP-Protocol: Copyright (c) 2004 Cisco Systems, Inc.'

cstp_util_address_ipv4_accept: address asigned: 172.29.10.83 -- here I obtain correct IP address

No subnetmask... calculating it

Class B Subnet

np_svc_create_session(0xB56A000, 0x00007f420e9b76c0, TRUE)

webvpn_svc_np_setup

SVC ACL Name: NULL

SVC ACL ID: -1

vpn_put_uauth success for ip 172.29.10.83!

No SVC ACL

Iphdr=20 base-mtu=1500 def-mtu=1500 conf-mtu=1406

tcp-mss = 1460

path-mtu = 1460(mss)

TLS Block size = 16, version = 0x303

mtu = 1460(path-mtu) - 0(opts) - 5(ssl) - 16(iv) = 1439

mod-mtu = 1439(mtu) & 0xfff0(complement) = 1424

tls-mtu = 1424(mod-mtu) - 8(cstp) - 48(mac) - 1(pad) = 1367

DTLS Block size = 16

mtu = 1500(base-mtu) - 20(ip) - 8(udp) - 13(dtlshdr) - 16(dtlsiv) = 1443

mod-mtu = 1443(mtu) & 0xfff0(complement) = 1440

dtls-mtu = 1440(mod-mtu) - 1(cdtp) - 48(mac) - 1(pad) = 1390

computed tls-mtu=1367 dtls-mtu=1390 conf-mtu=1406

DTLS enabled for intf=2 (outside)

tls-mtu=1367 dtls-mtu=1390

SVC: adding to sessmgmt

Sending X-CSTP-DNS: 10.115.152.83

Sending X-CSTP-DNS: 10.223.152.83

Sending X-CSTP-Split-Include msgs: for ACL - Split_Tunnel_E: Start -- here I obtain correct split ACL

    Sending X-CSTP-Split-Include: 10.115.152.0/255.255.255.0

    Sending X-CSTP-Split-Include: 10.10.0.0/255.255.254.0

    Sending X-CSTP-Split-Include: 10.152.195.0/255.255.255.0

    Sending X-CSTP-Split-Include: 10.223.152.0/255.255.255.0

    Sending X-CSTP-Split-Include: 192.168.1.0/255.255.255.252

    Sending X-CSTP-Split-Include: 172.29.20.0/255.255.255.0

    Sending X-CSTP-Split-Include: 172.29.30.0/255.255.255.0

    Sending X-CSTP-Split-Include: 172.29.40.0/255.255.255.0

    Sending X-CSTP-Split-Include: 172.29.50.0/255.255.255.0

    Sending X-CSTP-Split-Include: 172.29.60.0/255.255.255.0

    Sending X-CSTP-Split-Include: 172.29.70.0/255.255.255.0

    Sending X-CSTP-Split-Include: 172.16.3.0/255.255.255.0

    Sending X-CSTP-Split-Include: 10.115.153.0/255.255.255.0

    Sending X-CSTP-Split-Include: 192.168.3.0/255.255.255.0

Sending X-CSTP-MTU: 1367

Sending X-DTLS-MTU: 1390

Sending X-DTLS12-CipherSuite: ECDHE-ECDSA-AES256-GCM-SHA384

Sending X-CSTP-FW-RULE msgs: Start

Sending X-CSTP-FW-RULE msgs: Done

Sending X-CSTP-Quarantine: false

Sending X-CSTP-Disable-Always-On-VPN: false

Sending X-CSTP-Client-Bypass-Protocol: false

SVC message: t/s=3/16: Unable to start VA, setup shared queue, or VA gave up on shared queue. -- VA problem here!

webvpn_svc_np_tear_down: no ACL

webvpn_svc_np_tear_down: no IPv6 ACL

np_svc_destroy_session(0xB56A000)

0 Helpful

Georg Pauwen
VIP
VIP

‎02-17-2022 01:28 AM

Hello,

 

I recall a previous post where somebody had a similar problem. It appears that Windows 11 requires Annyconnect 4.9, or better yet, 4.10.

0 Helpful

Jacob548784
Level 1
Level 1
In response to Georg Pauwen

‎02-17-2022 03:54 AM

I have already tried anyconnect-win-4.10.00093-core-vpn-predeploy-k9 and still have the same problem

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card