Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
268
Views
0
Helpful
0
Replies

AnyConnect and ISE Posture on openSuse Tumbleweed

ffknob
Level 1
Level 1

‎09-09-2024 11:39 AM - edited ‎09-09-2024 11:40 AM

Hi there

I'm trying to establish a VPN connection using Cisco AnyConnect. Our company's VPN server implements ISE Posture policies and multi-factor authentication with Duo.

Althought I am establishing the VPN connection, nothing seend to work. Here's the flow:

1. I open Cisco Secure Client and hit the button to connect to the VPN
2. It goes on and shows me a Login screen asking fot my password (SSO)
3. It then shows me another screen saying it sent a verification request to my phone (Duo)
4. After I accept the request it asks me to hit "Accept" on the popup window, which I do

After all of that it says the connection is established. But nothing seen to work.

I think the problem is related to ISE Posture. If I go to that tab it says "Initializing" since step 1. It never finishes. I have no idea what it is doing. (see image)

Screenshot_20240909_102115.png

I'm currently running:

- Tumbleweed 20240524
- KDE Plasma 6.0.4

Some interesting entries from the vpnagentd log:

csc_vpnagent[30413]: Function: getTargetPath File: ../../vpn/Common/Utility/DeviceID.cpp Line: 616 /dev/nvme0n1p5 is not a link
csc_vpnagent[30413]: Function: GetDNSConfig File: ../../vpn/Common/Utility/linux/DBusNMHelper.cpp Line: 302 Unable to get DNS domain for interface enp5s0
csc_iseagentd[30454]: Function: getLinuxDistributionInfo Thread Id: 0xE3982740 File: SystemInfo.cpp Line: 567 Level: error :: Unsupported Linux Distribution
csc_vpnagent[30413]: Function: InitNSS File: ../../vpn/CommonCrypt/Certificates/NSSCertUtils.cpp Line: 344 Invoked Function: CNSSCertUtils::getCertDBPath Return Code: -31457278 (0xFE200002) Description: CERTSTORE_ERROR_BAD_PARAMETER
csc_vpnagent[30413]: Function: CNSSCertStore File: ../../vpn/CommonCrypt/Certificates/NSSCertStore.cpp Line: 52 Invoked Function: CNSSCertUtils::InitNSS Return Code: -31457278 (0xFE200002) Description: CERTSTORE_ERROR_BAD_PARAMETER
csc_vpnagent[30413]: Function: addNSSStore File: ../../vpn/CommonCrypt/Certificates/CollectiveCertStore.cpp Line: 1916 Invoked Function: CNSSCertStore::CNSSCertStore Return Code: -31457278 (0xFE200002) Description: CERTSTORE_ERROR_BAD_PARAMETER

So, where should I start?

Should this really work on openSuse Tumbleweed (I know that Leap is supported).

Thank you.

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents