07-03-2017 09:16 AM
Hello,
I am unable to use anyconnect under linux due to a failure in the hostscan module to detect the firewall. This was working as recently as January. The cscan.log file now shows:
[Thu Jun 15 14:36:40.779 2017][cscan]Function: log_cb_hostscan Thread Id: 0x35FD5740 File: scan.c Line: 53 Level: debug :: found firewall ==> (IPTablesFW) (IPTables (Linux)) (1.6.0) (failed).
whereas it used to show:
[Mon Nov 07 12:23:37.217 2016][cscan][debug][log_cb_hostscan] found firewall ==> (IPTablesFW) (IPTables (Linux)) (1.6.0).
What is hostscan looking for in iptables? Is there a particular set of rules that are necessary?
Thanks!
Solved! Go to Solution.
07-03-2017 09:51 AM
In DAP the only options for checking Linux IPTables are shown below in the screenshot.
Has there been any upgrades recently ? Is the FW disabled ?
Best regards,
Paul
AC TME
07-03-2017 09:51 AM
In DAP the only options for checking Linux IPTables are shown below in the screenshot.
Has there been any upgrades recently ? Is the FW disabled ?
Best regards,
Paul
AC TME
09-16-2020 12:04 PM
This thread still doesn't address what the builtin endpoint.fw attributes are looking for. An upgrade to Mint 20 has broken this for me Cisco AnyConnect Secure Mobility Client (version 4.7.04056).
In a large organization I need some clues as to a workaround because the head ends will take a while to fix not to mention get anybody's attention to actually do it, and I need to get back to getting work done.
07-02-2021 09:09 AM
It would be great if Cisco actually answered the original question. I suspect the IPtables check is failing because of a change to the iptables package no longer using the xt_time module
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide