Re: BUG with Hostscan 4.10.05111 Remote Access VPN

abtt-39 · ‎07-13-2023

Hello

After updating the hostscan files ont the ASA, i had VPN connection problems.

We upgraded from version 4.10.05111 to 4.10.066090

ASA version : 9.16(4)14

After connecting to the portal via the any connect client, the connection window appears. We have several groups. 2 with filtering of the mac address at the level of dynamic access policies, a 3rd without mac filtering. The latter works, the connection is made by querying a radius server (windows NPS) which queries the LDAP server.

For the other 2, it doesn't work.
I have the following error message : login denied. Your environment does not meet the access criteria defined by your administrator.

I didn't notice the bug right away because the affected groups aren't used much.

I put the old hostscan back, And it works again for all groups. The tests were done on the same PC

The problem is that when I connect to the ASA in ASDM, I have a message that tells me that the version of hostscan is deprecated and asks me if I want to continue or not.

Salman Mahajan · ‎07-16-2023

Hi

Can you share DAP debugs when trying to connect with upgrade hostscan ?

Regards
SALMAN

abtt-39 · ‎07-17-2023

Good morning,

today, I see users connected, I will not be able to put the old one back to the new hostscan for the moment.

And what hostscan "4.10.05111" is known to have security vulnerabilities? Can I leave it like this?

abtt-39 · ‎07-17-2023

Finally, I did the test, I returned the hostscan 4.10.06090, and ....it works.

So I don't understand...I'm going to be away for 3 weeks, I'm going to leave it like that.