- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-07-2022 12:11 AM
I'm resaerching a very strange behavior with AnyConnect 4.10, while AnyConnect 3.10 works absolutly fine.
Connect VPN with url gate.xxxx.ch:7443, Login, Connected, all good.
When I choose from the dropdown-list I receive the error "the cryptographic algorithms required by the secure gateway."
So, everytime I have to type the url, what's wrong with my configuration (must be something with the client profile)
Solved! Go to Solution.
- Labels:
-
AnyConnect
-
VPN
Accepted Solutions
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-07-2022 12:52 AM
i could fix the problem.
it was a missconfigured client profile. Because I'm not using default port 443, I had to add my choosen port to the entry in the server list
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-07-2022 12:18 AM
It's possible that AnyConnect 4.10 does not support the ciphers configured on your ASA. In newer software releases insecure algorithms have been depreciated.
Has this ever worked with AnyConnect 4.10?
Are you using SSL (TLS) or IPSec VPN?
What version of ASA software are you running?
Run DART and provide the output and/or turn on debugs on the ASA and provide the output.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-07-2022 12:23 AM
ASA 5506-X 9.8(2)
When I type the URL to the Firewall it is connecting successfully and everything works fine. Only when I choose from Dropdown-List in AnyConnect Client it shows this error message.
How can it be a cypher configuration problem?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-07-2022 12:29 AM
@matti-consulting if you type the URL then you are connecting using SSL. No idea what your configuration is if you are selecting a profile from the drop-down list. It could be the connection profile is configured to use IKEv2/IPSec, which could be configured with insecure algorithms on the ASA. Because AnyConnect 4.10 is the very latest software it would not support the older weaker, insecure algorithms and therefore you'd be unable to connect.
Without seeing the output requested it is just a guess.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
06-07-2022 12:52 AM
i could fix the problem.
it was a missconfigured client profile. Because I'm not using default port 443, I had to add my choosen port to the entry in the server list
