cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
66327
Views
66
Helpful
19
Replies

hostscan is waiting for next scan

fernandoborges1
Level 1
Level 1

Hi gurus

 Everytime I start annyconnect it goes through all the steps but hangs on 

" hostscan is waiting for next scan" and do nothing

 

Thanks a bunch gurus

19 Replies 19

Joseph Melki
Level 1
Level 1

Having this problem too recently with one of company machines. It gets stuck on the hostscan phase and just keeps looping with that same error " hostscan is waiting for next scan". If I disable the hostscan on the ASA for that specific VPN profile it works fine. We have hundreds of other machines that work fine, so this is limited issue being experienced on one machine so far.

Would appreciate it if anyone has found a solution for this. AnyConnect Version 3.1.04072, hostscan version 3.104072, Windows 7

 

Thanks

 

Hello,

 

I had this problem too.  It happens when there is to much information being sent back to the ASA regarding this host (hotfixes, certificates, ect) and it goes past (I believe) 200KB in data.  This is similar to behavior in CSCui27773 or CSCue68555.

(config)#service internal
(config)# webvpn
(config)# hostscan data-limit 300

I had bumped up my data-limit 100KB and everything seems to be working just fine, for now.

Kyle
 

fschoeniger
Level 1
Level 1

Having the same issue here. It just suddenly happen on a few of our machines. Cisco AnyConnect 3.1.05152..

 

 

Mark Dowling
Level 1
Level 1

I came across this on a machine which turned out to have a massive quantity of certificates in certmgr.msc / Personal generated by Fiddler. This produced the following in the ASA syslog:

Apr  8 13:10:57 asa %ASA-3-716600: Rejected 781KB Hostscan data from IP <xx.yyy.zzz.aa>. Hostscan results exceed default limit of 200KB

Cleaning out the Personal store resolved the issue (as well as revoking the root cert) and we'll be watching for any reappearance.

I would rather not up the limit the ASA accepts since this revealed an undesirable condition.

Hello Mark,

Your solution worked just as you explained. 
Thank you for sharing your results with all of us.   

Thanks for letting me know :)

Thank god you posted this. I thought I was done for.

That's great to hear - we've all had those moments!

Thanks for your solution.  Deleting all the Fiddler certs worked for me.

Tried this but didn't work out. Eventually worked after completely uninstalling CA softwares on Win7.

Thank you, thank you thank you thank you tha........


This is such an obscure reason for failure, I would have -never- figured it out! The *real* problem here is that the fact that the hostscan is failing isn't being shown to the user. It just keeps trying, then waiting for the next scan. Horrible design and user experience - they should fix :<

Programs shouldn't fail, but when they do, they should never do so silently!

Mark - you solved my problem too!  Great work!

 

I can confirm bunch of certificates generated by Fiddler as cause of this problem for me too.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: