Hi anyone. I have a problem with Cisco AnyConnect client. Client Version 3.1.
This problem only in Windows 7 OS. I have some tunnel groups, and earlier i did can select this groups in anyconnect client after successful connection to my ASA.
Now when i try to connect and use address of my asa like "vpn.company.com" i can't establish connection, and client respond me with error "invalid host entry. Please re-enter". But when i start connection from VPN portal or type address like "vpn.company.com/<tunnel-group>" everything OK and no error responded.
When i was see log in ASA, i see that anyconnect client try start ipsec connection.
Can anyne help me. Maybe someone take this problem earlier.
Sorry for bad English.
Most likely the XML profile has the following instruction:
You can find the profile in the following path:
Windows 7 and Vista
C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile\
C:\Document and Settings\All Users\Application Data\Cisco\Cisco AnyConnect Secure Mobility Client\Profile
Mac OS X and Linux
Please make sure you remove the line in bold and let me know.
Please rate any post you find useful.
Message was edited by: Javier Portuguez
There is no profiles. There is only AnyConnectProfile.xsd file. Do you know how Anyconnect check host entry before connect to ASA?
And i dont understand why VPN session establish when i type address with tunnel group like this ""vpn.company.com/
This tested on MAC OS X and no problem found
Yes of course a has run logging in ASA. I cant uderstand, why it may DNS resolution error. Did you know how AnyConnect client verify DNS records?
When i check logging and simultaneously try to connect with client, i was see that request from my PC go to port 500 and 4500 it is NAT-T) but i dont use IKEv2 with ipsec . I use only SSL between client and ASA. I dont understand, why ASA recieve packets for 500 and 4500 udp ports.
I have solved this problem. I suggest that in installation some gone wrong and configuration files has bad.
I uninstall Cisco AnyConnect and delete directory
"C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client" (Win 7) after that reinstall Cisco Any Connect.
Problem is gone:)
Maybe this information will helpful
I had "invalid host entry" issue and corrected it by running diagnostics feature within Cisco AnyConnect.
Path: Click on the Settings icon (gear) in bottom left of login screen. From Settings screen, click on Diagnostics button on top right of screen. This launches Cisco Diagnostic and Reporting Tool (DART). Follow prompts to run the diagnostics.
I did not need to change any configurations. Just running the diagnostics tool fixed the problem.
I hope this helps... Good luck!