Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1079
Views
0
Helpful
3
Replies

AnyConnect VPN Pop up Message after applying the host scan policy

neerajbala2005
Level 1
Level 1

‎07-05-2023 07:58 AM

I have Virtual ASA and recently applied the host scan policy. After applying the host scan policy for our Cisco AnyConnect VPN users, Each and every user whenever gets authenticated and logs in via the AnyConnect client, they receive the following message post login:

Security policies were applied to your session, access to some resources may be blocked. Your system administrator provided the following information to help you understand and remedy the security conditions:

I have tried to uncheck the following but no luck

1. "Banner" inherit message under group policy (Configuration > Remote Access VPN > Network (Client) Access > Group Policies) 2.  Cleared the " User Message" under DAP ( Remote Access VPN>Network (Client) Access>Dynamic Access Policies

Please advise

Labels:
0 Helpful
3 Replies 3

Pavan Gundu
Cisco Employee
Cisco Employee

‎07-06-2023 02:53 AM

What are your DAP policies? And what is configured in the default rule? Allow or Deny?

0 Helpful

neerajbala2005
Level 1
Level 1
In response to Pavan Gundu

‎07-10-2023 08:26 AM

default rule is allow

0 Helpful

Pavan Gundu
Cisco Employee
Cisco Employee

‎07-11-2023 04:58 PM

Then it is working as expected, since the default DAP says to continue.

Your other DAP records are not working as expected. Normally the default DAP record has block.

You can issue the debug command "debug dap trace 255" to see what attributes the endpoint is sending and what DAP record the ASA is choosing based on the records.

0 Helpful
Customers Also Viewed These Support Documents