Re: An error message when connection to the Cisco Anyconnect

Natalia · ‎11-20-2017

Hi!

Could you help me please to find out why the following error occurs when trying to connect via Cisco anyconnect?

Сигнатура проблемы:
Имя события проблемы: BEX
Имя приложения: cscan.exe
Версия приложения: 4.3.1095.0
Отметка времени приложения: 57822e1a
Имя модуля с ошибкой: cscan.exe
Версия модуля с ошибкой: 4.3.1095.0
Отметка времени модуля с ошибкой: 57822e1a
Смещение исключения: 0002947b
Код исключения: c0000417
Данные исключения: 00000000
Версия ОС: 6.1.7601.2.1.0.256.1
Код языка: 1049
Дополнительные сведения 1: 3e8a
Дополнительные сведения 2: 3e8aa1084dfafd722eb5124769130665
Дополнительные сведения 3: c319
Дополнительные сведения 4: c319d4ea5019a9f5f4df1bd91adc97dc

Flavio Miranda · ‎11-20-2017

Hi @Natalia

This is much more a register about the problem then anything else.

But yet looks like Operational system problem.

"Signature of the problem: Event name of the problem: BEX Application name: cscan.exe Application version: 4.3.1095.0 Application timestamp: 57822e1a Module name with error: cscan.exe The version of the module with an error: 4.3.1095.0 Timestamp of the module with error: 57822e1a Offset exception: 0002947b Exception code: c0000417 Exception data: 00000000 OS version: 6.1.7601.2.1.0.256.1 Language code: 1049 Additional Information 1: 3e8a Additional information 2: 3e8aa1084dfafd722eb5124769130665 Additional information 3: c319 Additional information 4: c319d4ea5019a9"

-If I helped you somehow, please, rate it as useful.-

Marvin Rhoads · ‎11-20-2017

The AnyConnect posture scan (cscan.exe) is failing.

Is your AnyConnect version on the ASA the same release as csan.exe (4.3.01095)?

https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect43/release/notes/b_Release_Notes_AnyConnect_4_3.html#ID-1454-00000097

Natalia · ‎11-20-2017

AnyConnect version is 4.5.02033

csan.exe is 4.3.1095.0

Marvin Rhoads · ‎11-21-2017

Hmm those should work together.

Has this ever worked or is it your first try using it?

Do you have an antivirus program running on the client computer? If so, antivirus applications can misinterpret the behavior of some of the applications included in the posture module and the Host Scan package as malicious. Before installing the posture module or Host Scan package, configure your antivirus software to “white-list” or make security exceptions for these Host Scan applications:

cscan.exe
ciscod.exe
cstub.exe

Natalia · ‎11-21-2017

It is the first attempt..

Marvin Rhoads · ‎11-21-2017

OK, what about the antivirus suggestion?

Do you have that running and if so did you try the exclusions?

Natalia · ‎11-21-2017

I close the antivirus program when running Anyconnect client

Natalia · ‎11-21-2017

I have OpenVpn installed on my PC too
May it be a reason of a conflict?

Natalia · ‎11-21-2017

I uninstalled the OpenVpn but it didnt help.

Marvin Rhoads · ‎11-21-2017

Can you try from another PC?

A freshly spun up VM would be cleanest an isolate the problem between local PC issue and ASA configuration problem.

If you have support you can also open a TAC case. They can analyze a DART package and give you good advice on what exactly is causing the error.