Hi
I have a remote vendor who is trying to connect (not his first time) to our office. He is receiving the error below when he tries to connect to us. This issue started last week. He stated that nothing changed in his environment (I cannot confirm).
Error:
AnyConnect cannot confirm it is connected to your secure gateway. The local network may not be trustworthy. Please try another network.
I have seen a few posts with similar issues, but the fixes I have seen do not seem to apply for me.
He shared the DART logs and I researched the snippet that appeared relevant:
Date : 01/22/2024
Time : 15:36:25
Type : Error
Source : acvpnui
Description : Function: ConnectIfc::TranslateStatusCode
File: c:\temp\build\thehoff\phoenix_mr70.416163397004\phoenix_mr7\vpn\api\connectifc.cpp
Line: 3141
Invoked Function: ConnectIfc::TranslateStatusCode
Return Code: -29949920 (0xFE370020)
Description: CTRANSPORT_ERROR_PEER_CERT
AnyConnect cannot confirm it is connected to your secure gateway. The local network may not be trustworthy. Please try another network.
******************************************
Date : 01/22/2024
Time : 15:36:25
Type : Error
Source : acvpnui
Description : Function: ConnectMgr::doConnectIfcConnect
File: c:\temp\build\thehoff\phoenix_mr70.416163397004\phoenix_mr7\vpn\api\connectmgr.cpp
Line: 2492
Invoked Function: ConnectIfc::connect
Return Code: -29949920 (0xFE370020)
Description: CTRANSPORT_ERROR_PEER_CERT
******************************************
Date : 01/22/2024
Time : 15:36:25
Type : Information
Source : acvpnui
Description : Message type warning sent to the user:
Connection attempt has failed.
******************************************
Date : 01/22/2024
Time : 15:36:25
Type : Error
Source : acvpnui
Description : Function: ConnectMgr::processIfcData
File: c:\temp\build\thehoff\phoenix_mr70.416163397004\phoenix_mr7\vpn\api\connectmgr.cpp
Line: 3470
Content type (unknown) received.
Response type (server cert error) from X.X.X.X:
******************************************
Date : 01/22/2024
Time : 15:36:25
Type : Information
Source : acvpnui
Description : Message type error sent to the user:
AnyConnect cannot confirm it is connected to your secure gateway. The local network may not be trustworthy. Please try another network.
After researching this error, I found suggestions to change the setting below in AnyConnectLocalPolicy.xml to false. However, there is no AnyConnectLocalPolicy.xml file on his computer in the anyconnect folder.
<StrictCertificateTrust>false</StrictCertificateTrust>
Can someone assist me with this? I hope to get him connected, but I am also concerned as to whether this is an indicator of a possible compromise in his network. I don't want to simply bypass the error without having a good understanding of what is happening.
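
Added example, not part of the original post: a small Python parser for the DART record layout quoted above, which groups Error records by status name and return code so repeated CTRANSPORT_ERROR_PEER_CERT failures stand out across a longer log. The function names `parse_dart` and `summarize` and the embedded sample are assumptions constructed for illustration.

```python
import re
from collections import Counter

# Constructed sample in the layout of the excerpt above (File:/Line: rows omitted).
SAMPLE = """\
Date : 01/22/2024
Time : 15:36:25
Type : Error
Source : acvpnui
Description : Function: ConnectIfc::TranslateStatusCode
Invoked Function: ConnectIfc::TranslateStatusCode
Return Code: -29949920 (0xFE370020)
Description: CTRANSPORT_ERROR_PEER_CERT
******************************************
Date : 01/22/2024
Time : 15:36:25
Type : Information
Source : acvpnui
Description : Message type warning sent to the user:
Connection attempt has failed.
"""

HEADER = re.compile(r"^(Date|Time|Type|Source) : (.*)$", re.M)
RETCODE = re.compile(r"^Return Code: (-?\d+) \((0x[0-9A-Fa-f]{8})\)\s*$", re.M)
STATUS = re.compile(r"^Description: (\w+)\s*$", re.M)  # no space before ':'
FUNC = re.compile(r"Function: ([\w:]+)")

def parse_dart(text):
    """Split on the asterisk separator lines; return one dict per record."""
    records = []
    for chunk in filter(str.strip, re.split(r"^\*{10,}\s*$", text, flags=re.M)):
        rec = {k.lower(): v.strip() for k, v in HEADER.findall(chunk)}
        if m := FUNC.search(chunk):
            rec["function"] = m.group(1)
        if m := RETCODE.search(chunk):
            dec, hx = int(m.group(1)), int(m.group(2), 16)
            # The decimal is the signed 32-bit view of the hex; flag a mismatch.
            rec["code"], rec["code_consistent"] = m.group(2), (dec & 0xFFFFFFFF) == hx
        if m := STATUS.search(chunk):
            rec["status"] = m.group(1)
        records.append(rec)
    return records

def summarize(records):
    """Count Error records by (status, hex code) so repeated failures stand out."""
    return Counter((r.get("status"), r.get("code"))
                   for r in records if r.get("type") == "Error")

if __name__ == "__main__":
    print(summarize(parse_dart(SAMPLE)))
```

Running it over the full DART export rather than a single excerpt shows whether the peer-certificate failure is the only error class and when it first appears.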