AnyConnect: no valid Certificate found

gaigl
Level 3

Hello,

Very strange problem:

We have 2 ASA 5510s, 8.4(3). Auth is CERT+AAA, the cert is on an eToken, AAA is RADIUS (ACS 5.3) and worked already. One ASA is for test, one ASA for prod.

Now if I connect with a notebook (Win7_64bit), the client (anyconnect-win-3.0.08057-k9.pkg, tried also anyconnect-win-3.0.07059-k9.pkg) installs and connects -> fine.

But if I disconnect and connect again, no valid cert can be found on the client.

Now I switch from test to prod and the connection works! Disconnect and reconnect the same machine: no valid cert. Switch to test: it works.

And so on: connecting the same machine 2 times doesn't work, switching from one to the other works.

Tried this on another notebook -> same problem.

Could the reason be a Windows update?

1 Reply

nkarthikeyan
Level 7

Hi Karl,

Please check if you have used the valid CA certificate for the AnyConnect VPN. Normally CA cert issues come up once we have untrusted certificates.

Please check whether the certificate in the ASA for AnyConnect is a local one or a third-party issued one.

Your end-user machine should also have the proper certificate to be used for this connection.

Especially when you connect the AnyConnect VPN, it will give you an option yes/no/view certificate in such cases. If so, then check your system certificate in the view certificate menu and then check in the ASA. They should be in sync.

I guess both ASAs are using the same certificate? I mean on the same IP tag?

Please do rate if the given info helps.

By

Karthik