cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

3524
Views
60
Helpful
14
Replies
Beginner

AnyConnect: Got an error after updating macOS Catalina

I got this error after updating to macOS Catalina. I have tried to install the version 4.6, 4.7, 4.8 but still the same.

 

"AnyConnect cannot confirm it is connected to your secure gateway.  The local network may not be trustworthy.  Please try another network."

 

Any ideas are welcome.

1 ACCEPTED SOLUTION

Accepted Solutions
VIP Advocate

Re: AnyConnect: Got an error after updating macOS Catalina

open terminal and do the following (you will need administrator rights on your Mac)

cd /opt/cisco/AnyConnect

sudo nano AnyConnectLocalPolicy.xml
Then edit the field for ExcludeMacNativeCertStore to "true"
<ExcludeMacNativeCertStore>true</ExcludeMacNativeCertStore>
^X  (control X to exit)
press Y to indicate that you want to save
press enter to accept the existing name
Quit AnyConnect and start it up again.  You will now receive a certificate warning with the option to continue and, if available, install the certificate.
--
Please remember to rate and select a correct answer

View solution in original post

14 REPLIES 14
VIP Advocate

Re: AnyConnect: Got an error after updating macOS Catalina

Are you using a third party certificate on the ASA? if yes is the CA certificate also installed on the Mac?  

If no, have you installed the ASA self signed certificate in the Mac?

--
Please remember to rate and select a correct answer
Beginner

Re: AnyConnect: Got an error after updating macOS Catalina

This worked for a user I had who had this issue.

 

Not sure what changed on Mac with this but on Catalina the user installed the self signed from the firewall. They were then able to connect again!

 

Thanks!

VIP Advocate

Re: AnyConnect: Got an error after updating macOS Catalina

Could you please select the post as the correct answer so we stop monitoring the question if it is solved.

Thank you.

--
Please remember to rate and select a correct answer
Beginner

Re: AnyConnect: Got an error after updating macOS Catalina

How to install the self signed from the firewall? 

My workmate talked me all certificates should be installed automatically when you connect to the VPN.

Beginner

Re: AnyConnect: Got an error after updating macOS Catalina

"Are you using a third party certificate on the ASA? if yes is the CA certificate also installed on the Mac?"

I am not sure. But I have exported the CA certificate from the other Mac and install it on my Mac, unfortunately it still doesn't work.

Beginner

Re: AnyConnect: Got an error after updating macOS Catalina

Hello,

 

I recently updated to MacOS Catalina (v10.15) and since then I am getting this error (Anyconnect cannot confirm if its connected to your secure gateway...) while connecting via vpn (even tried updating to the latest version of VPN client - v4.8.00175).

 

We do not have any certificate installed on the ASA. Any thoughts on how do I get this working?

Beginner

Re: AnyConnect: Got an error after updating macOS Catalina

upgraded to Catalina and got Cisco Anyconnect version 4.8.00175

All certificates are there. 

Connection error:

Posture Assessment Failed: Unable to download CSD library. Please try again

Any ideas?

 

VIP Advocate

Re: AnyConnect: Got an error after updating macOS Catalina

open terminal and do the following (you will need administrator rights on your Mac)

cd /opt/cisco/AnyConnect

sudo nano AnyConnectLocalPolicy.xml
Then edit the field for ExcludeMacNativeCertStore to "true"
<ExcludeMacNativeCertStore>true</ExcludeMacNativeCertStore>
^X  (control X to exit)
press Y to indicate that you want to save
press enter to accept the existing name
Quit AnyConnect and start it up again.  You will now receive a certificate warning with the option to continue and, if available, install the certificate.
--
Please remember to rate and select a correct answer

View solution in original post

Re: AnyConnect: Got an error after updating macOS Catalina

I have tired the suggested change. I get a warning and hit Connect Anyway, and then I go right back to the same error.

 

Screen Shot 2019-10-23 at 5.33.53 PM.pngScreen Shot 2019-10-23 at 5.34.48 PM.png

 

Any thoughts on what may still be the problem? This groups is the closest thing I have found. Thanks!

Beginner

Re: AnyConnect: Got an error after updating macOS Catalina

Same issue.  After updating the XML file, I got the Certificate is from an untrusted source.

I tried Connect Anway (with and without  Always Trust Server... checkbox checked)

 

Screen Shot 2019-11-06 at 11.19.48 AM.png

 

I just upgraded from macOS 10.14.x to macOS 10.15.1 in place.

I upgrade my AnyConnect client from 4.6.x to 4.8.00175

 

VPN had been working fine under Mojave.  

 

Reading (now) others are having issues in this forum and around the web.

 

Any suggestions

Highlighted
Beginner

Re: AnyConnect: Got an error after updating macOS Catalina

When I tick the "Always trust this server and import the certificate" checkbox, the login fails -- if I do NOT check that box, the login succeeds for me.

Beginner

Re: AnyConnect: Got an error after updating macOS Catalina

Many thanks !!!!
Beginner

Re: AnyConnect: Got an error after updating macOS Catalina

This worked perfectly to get the VPN module to work again. Do you have any recommendations on how to get it to work with the ISE Posture module? We only use publicly signed certs on the portal for ISE. The ISE posture module is having the same issue as the VPN module, because the rest of the ISE certs are self-signed (Internal PKI signed).

Cisco Employee

Re: AnyConnect: Got an error after updating macOS Catalina

Thank you very much, this really work for me!