cisco anyconnect untrusted vpn server blocked
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-13-2018 06:11 AM - edited 02-21-2020 09:26 PM
Hi all
The issue has begun to affect our VPN remote access connections but only for particular users. any thoughts?
- Labels:
-
AnyConnect

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-13-2018 06:43 AM
One easy fix is to change the AnyConnect preferences on the AnyConnect client. There is only one checkbox regarding certificates. That way they can connect without having an issue.
The second solution would be to install the intermediate certificate authority on their boxes, as well as make sure they are going to the hostname of the certificate.
example: vpn.example.com
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-13-2018 06:45 AM
Hi there, have tris this however still failiing.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-13-2018 06:52 AM
2. Verify the certificate date is valid.
3. Verify the intermediate and root certificate are installed on ASA.
4. Verify the intermediate and root certificate are installed on client.
5. Verify that the certificates show up as valid on the client.
6. Upgrade AnyConnect client.
7. You could delete certificates on client and re-install them. In small case, I have seen them get corrupted.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-13-2018 08:43 AM
Hi Alex
check what you suggested and everything seems fine, as far as a most users are aware the VPN was working Friday. As far as I'm aware there have been no changes over the weekend.

- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-13-2018 07:02 PM
Dear S.mooney12,
According to your mention, I would suggest you to test your SSL Cerfitication Configuration with this link.
https://www.ssllabs.com/ssltest/index.html
you will see whether you have implemented correctly, or facing issue at the screenshot.
Best
Aphea
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
08-14-2018 03:34 AM
Thanks
