Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2161
Views
0
Helpful
17
Replies

AC SMC stopped suddenly to work

justacsmcinuse
Level 1
Level 1

‎12-08-2023 01:59 AM - edited ‎12-08-2023 09:14 AM

AnyConnect Secure Mobility Client for Linux in use here.

4.10.06079 is the only version I get from remote network administrators as of time being.

This version of AC SMC for Linux is installed and in use. It worked very well till couple of days ago. From the day on it stopped to work one gets only error message "Connection attempt failed". Two authentication factor is set for affected vpn connection, however due to error mentioned the vpn connection establishment doesn't reach the step where authentication starts. Authenticator app as second factor is used.

Windows 10 and iOS devices in same LAN have no problems vpn to connect to same remote network.

Also remote network IT-team checked it on their side with their Linux machine and they have seen no problem as for their test.

How to proceed further?

Logs as attached below were found, whereby following few lines are eventually of special interest:

 

 

Dec 08 07:36:43 machi acvpnui[14342]: Function: PeerCertVerifyCB File: ../../vpn/Api/CTransportCurlStatic.cpp Line: 1114 Return success from VerifyServerCertificate
Dec 08 07:36:43 machi acvpnui[14342]: Function: errorCB File: ../../vpn/Common/Xml/CVCSaxParser.cpp Line: 119 xml errorCB: Document is empty
Dec 08 07:36:43 machi acvpnui[14342]: Function: startParser File: ../../vpn/Common/Xml/CVCSaxParser.cpp Line: 206 Invoked Function: xmlParseDocument Return Code: -1 (0xFFFFFFFF) Description: MTUADJUSTMENTCACHE_ERROR_UNKNOWN
Dec 08 07:36:43 machi acvpnui[14342]: Function: processXML File: ../../vpn/Api/xml/AggAuth.cpp Line: 71 Invoked Function: XmlParser::parseXml Return Code: -33554423 (0xFE000009) Description: Unable to process response from Gateway.
Dec 08 07:36:43 machi acvpnui[14342]: Function: processResponseStringFromSG File: ../../vpn/Api/ConnectMgr.cpp Line: 11894 Invoked Function: AggrAuth::processXML Return Code: -27590645 (0xFE5B000B) Description: AGGAUTH_ERROR_FAILED_TO_PARSE_XML

 

 

context log

 

 

An SSL VPN connection to vpn.unihamm.org has been requested by the user.
Dec 08 07:36:42 machi acvpnui[14342]: Loading preferences for the current user from profile /opt/cisco/anyconnect/profile/vpn.unihamm.org.xml
Dec 08 07:36:42 machi acvpnui[14342]: Function: errorCB File: ../../vpn/Common/Xml/CVCSaxParser.cpp Line: 119 xml errorCB: Document is empty
Dec 08 07:36:42 machi acvpnui[14342]: Function: startParser File: ../../vpn/Common/Xml/CVCSaxParser.cpp Line: 206 Invoked Function: xmlParseDocument Return Code: -1 (0xFFFFFFFF) Description: MTUADJUSTMENTCACHE_ERROR_UNKNOWN
Dec 08 07:36:42 machi acvpnui[14342]: [282B blob data]
Dec 08 07:36:42 machi acvpnui[14342]: Function: errorCB File: ../../vpn/Common/Xml/CVCSaxParser.cpp Line: 119 xml errorCB: Document is empty
Dec 08 07:36:42 machi acvpnui[14342]: Function: startParser File: ../../vpn/Common/Xml/CVCSaxParser.cpp Line: 206 Invoked Function: xmlParseDocument Return Code: -1 (0xFFFFFFFF) Description: MTUADJUSTMENTCACHE_ERROR_UNKNOWN
Dec 08 07:36:42 machi acvpnui[14342]: [261B blob data]
Dec 08 07:36:42 machi acvpnui[14342]: Current Preference Settings: ServiceDisable: false CertificateStoreLinux: All ShowPreConnectMessage: false AutoConnectOnStart: false MinimizeOnConnect: true LocalLanAccess: true DisableCaptivePortalDetection: false AutoReconnect: true AutoUpdate: true LinuxLogonEnforcement: SingleLocalLogon LinuxVPNEstablishment: LocalUsersOnly ProxySettings: Native AllowLocalProxyConnections: true PPPExclusion: Disable PPPExclusionServerIP:  AutomaticVPNPolicy: false TrustedNetworkPolicy: Disconnect UntrustedNetworkPolicy: Connect TrustedDNSDomains:  TrustedDNSServers:  TrustedHttpsServerList:  EnableScripting: false TerminateScriptOnNextEvent: false EnableAutomaticServerSelection: false AuthenticationTimeout: 12 IPProtocolSupport: IPv4 AllowManualHostInput: true BlockUntrustedServers: true PublicProxyServerAddress:  CertificatePinning: false
Dec 08 07:36:42 machi acvpnui[14342]: Function: setConnectionData File: ../../vpn/Api/ConnectMgr.cpp Line: 2080 Resetting client certificate list.
Dec 08 07:36:42 machi acvpnui[14342]: Function: getCertList File: ../../vpn/Api/ApiCert.cpp Line: 500 Number of certificates found: 0
Dec 08 07:36:42 machi acvpnui[14342]: Message type information sent to the user: Contacting vpn.unihamm.org.
Dec 08 07:36:42 machi acvpnui[14342]: Initiating VPN connection to the secure gateway https://vpn.unihamm.org
Dec 08 07:36:42 machi acvpnagent[995]: Function: processConnectNotification File: ../../vpn/Agent/MainThread.cpp Line: 15113 Received connect notification (host vpn.unihamm.org, profile vpn.unihamm.org.xml)
Dec 08 07:36:43 machi acvpnagent[995]: Function: resolveHostName File: ../../vpn/Common/Utility/HostLocator.cpp Line: 721 Invoked Function: CHostLocator::resolveHostNameAlt Return Code: -29229035 (0xFE420015) Description: DNSREQUEST_ERROR_EMPTY_RESPONSE
Dec 08 07:36:43 machi acvpnagent[995]: Function: getHostIPAddrByName File: ../../vpn/Common/IPC/SocketSupport.cpp Line: 345 Invoked Function: ::getaddrinfo Return Code: -5 (0xFFFFFFFB) Description: No address associated with hostname
Dec 08 07:36:43 machi acvpnagent[995]: Function: resolveHostName File: ../../vpn/Common/Utility/HostLocator.cpp Line: 733 Invoked Function: CSocketSupport::getHostIPAddrByName Return Code: -31129588 (0xFE25000C) Description: SOCKETSUPPORT_ERROR_GETADDRINFO
Dec 08 07:36:43 machi acvpnagent[995]: Function: ResolveHostname File: ../../vpn/Common/Utility/HostLocator.cpp Line: 843 Invoked Function: CHostLocator::resolveHostName Return Code: -31129588 (0xFE25000C) Description: SOCKETSUPPORT_ERROR_GETADDRINFO failed to resolve host name vpn.unihamm.org to IPv6 address
Dec 08 07:36:43 machi acvpnagent[995]: Function: logResolutionResult File: ../../vpn/Common/Utility/HostLocator.cpp Line: 927 Host vpn.unihamm.org has been resolved to IP address 157.1.242.166
Dec 08 07:36:43 machi acvpnagent[995]: Writing to hosts file:  157.1.242.166        vpn.unihamm.org ###Cisco AnyConnect VPN client modified this file. Please do not modify contents until this comment is removed.
Dec 08 07:36:43 machi acvpnagent[995]: Function: respondToConnectNotification File: ../../vpn/Agent/MainThread.cpp Line: 6319 The requested VPN connection to vpn.unihamm.org will target the following IP protocols and addresses: primary - IPv4 (address 157.1.242.166), secondary - N/A.
Dec 08 07:36:43 machi acvpnagent[995]: Function: determineAcidexMacAddrMapForTlv File: ../../vpn/Agent/MainThread.cpp Line: 6694 [ACIDEX] Determined public interface MAC address 08-00-33-xx-xx-xx (interface IPv4 address: 10.0.xx.xx)
Dec 08 07:36:43 machi acvpnui[14342]: Function: getUserName File: ../../vpn/Api/CTransportCurlStatic.cpp Line: 2843 PasswordEntry username is root
Dec 08 07:36:43 machi acvpnui[14342]: Function: PeerCertVerifyCB File: ../../vpn/Api/CTransportCurlStatic.cpp Line: 1114 Return success from VerifyServerCertificate
Dec 08 07:36:43 machi acvpnui[14342]: Function: errorCB File: ../../vpn/Common/Xml/CVCSaxParser.cpp Line: 119 xml errorCB: Document is empty
Dec 08 07:36:43 machi acvpnui[14342]: Function: startParser File: ../../vpn/Common/Xml/CVCSaxParser.cpp Line: 206 Invoked Function: xmlParseDocument Return Code: -1 (0xFFFFFFFF) Description: MTUADJUSTMENTCACHE_ERROR_UNKNOWN
Dec 08 07:36:43 machi acvpnui[14342]: Function: processXML File: ../../vpn/Api/xml/AggAuth.cpp Line: 71 Invoked Function: XmlParser::parseXml Return Code: -33554423 (0xFE000009) Description: Unable to process response from Gateway.
Dec 08 07:36:43 machi acvpnui[14342]: Function: processResponseStringFromSG File: ../../vpn/Api/ConnectMgr.cpp Line: 11894 Invoked Function: AggrAuth::processXML Return Code: -27590645 (0xFE5B000B) Description: AGGAUTH_ERROR_FAILED_TO_PARSE_XML
Dec 08 07:36:43 machi acvpnui[14342]: Message type warning sent to the user: Connection attempt has failed.
Dec 08 07:36:43 machi acvpnui[14342]: Function: processIfcData File: ../../vpn/Api/ConnectMgr.cpp Line: 3390 ConnectMgr::processResponseStringFromSG failed
Dec 08 07:36:43 machi acvpnui[14342]: Message type error sent to the user: Connection attempt has failed.
Dec 08 07:36:43 machi acvpnui[14342]: Function: connect File: ../../vpn/Api/ConnectMgr.cpp Line: 2597 ConnectMgr::processIfcData failed
Dec 08 07:36:43 machi acvpnui[14342]: Function: initiateConnect File: ../../vpn/Api/ConnectMgr.cpp Line: 1493 Connection failed.
Dec 08 07:36:43 machi acvpnui[14342]: VPN state: Disconnected Network state: Network Accessible Network control state: Network Access: Available Network type: Undefined
Dec 08 07:36:43 machi acvpnagent[995]: Function: determinePublicAddrCandidateFromDefRoute File: ../../vpn/AgentUtilities/HostConfigMgr.cpp Line: 3057 Invoked Function: CHostConfigMgr::FindDefaultRouteInterface Return Code: -22806495 (0xFEA40021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED IPv6
Dec 08 07:36:43 machi acvpnagent[995]: Function: updatePotentialPublicAddresses File: ../../vpn/AgentUtilities/HostConfigMgr.cpp Line: 3190 Invoked Function: CHostConfigMgr::determinePublicAddrCandidateFromDefRoute Return Code: -22806495 (0xFEA40021) Description: ROUTETABLE_ERROR_GETBESTROUTE_FAILED IPv6
Dec 08 07:36:43 machi acvpnui[14342]: Function: run File: ../../vpn/Api/ConnectMgr.cpp Line: 897 Invoked Function: ConnectMgr::initiateConnect Return Code: -29556727 (0xFE3D0009) Description: CONNECTMGR_ERROR_UNEXPECTED

 

 

 

 

 

 

 

 

 

1 person had this problem
Labels:
0 Helpful
17 Replies 17

justacsmcinuse
Level 1
Level 1

‎02-06-2024 03:55 AM - edited ‎02-06-2024 03:56 AM

Thanks for quick reply. No traffic can be unfortunately spotted that bug record. My machine here dedicated for one certain but major task has no connection to remote network due to this issue since first decade last December. How are current outlooks regarding fixing?

0 Helpful

justacsmcinuse
Level 1
Level 1

‎02-21-2024 05:09 AM - edited ‎02-21-2024 05:31 AM

Manjaro Linux setup here got libxml2 version 2.12.5 update. For Manjaro it is first version following GNOME team having fixed the lib concerning problems with AnyConnect. Retest is not possible due to other problem with privileges. New conversation gets open soon.

https://community.cisco.com/t5/vpn/anyconnect-4-10-privileges-needed/m-p/5021901/highlight/true#M293822

0 Helpful

justacsmcinuse
Level 1
Level 1

‎02-22-2024 12:54 AM

Any idea if what libxml2 maintainer team provided with lib version 2.12.5 is a fix for actual vulnerability rather than be working around a bug AnyConnect side?

0 Helpful
Customers Also Viewed These Support Documents