Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4505
Views
0
Helpful
1
Replies

Cisco AnyConnect VPN failed to get configuration because AnyConnect cannot confirm it is connected to your secure gateway

lukal
Level 1
Level 1

‎01-16-2019 02:12 AM - edited ‎02-21-2020 09:32 PM

I am using Ubuntu server 16.04 LTS and I installed Cisco AnyConnect VPN according to this tutorial.
 
AnyConnect is working but when I try to connect I get following error:
 
Cisco AnyConnect Secure Mobility Client (version 4.6.02074) .

Copyright (c) 2004 - 2018 Cisco Systems, Inc.  All Rights Reserved.


  >> state: Disconnected
  >> state: Disconnected
  >> notice: Ready to connect.
  >> registered with local VPN subsystem.
VPN> connect XXX.XXX.XXX.XXX
connect XXX.XXX.XXX.XXX
  >> contacting host (XXX.XXX.XXX.XXX) for login information...
  >> notice: Contacting XXX.XXX.XXX.XXX.
AnyConnect cannot verify server: XXX.XXX.XXX.XXX
    - Certificate does not match the server name.
Connecting to this server may result in a severe security compromise!

Most users do not connect to untrusted servers unless the reason for the error condition is known.

Connect Anyway? [y/n]: y

  >> Please enter your username and password.

Username: XXX
Password:
  >> state: Connecting
  >> notice: Establishing VPN session...

gzip: stdin: unexpected end of file
The AnyConnect Downloader is analyzing this computer. Please wait...
Initializing the AnyConnect Downloader...
The AnyConnect Downloader is performing update checks...
  >> notice: The AnyConnect Downloader is performing update checks...
  >> notice: Checking for profile updates...
Failed to get configuration because AnyConnect cannot confirm it is connected to your secure gateway. Contact your system administrator.
  >> notice: Connection attempt has failed.
  >> error: AnyConnect was not able to establish a connection to the specified secure gateway. Please try connecting again.
  >> state: Disconnected
 
 Can somebody give me some hint how to solve this problem?
 
 
Labels:
0 Helpful
1 Reply 1

Marius Gunnerud
VIP
VIP

‎01-16-2019 02:55 AM

It looks like you are using the ASA self signed certificate when you are connecting to the AnyConnect.  two ways around this

1. buy a 3rd party certificate and install it on the ASA and use it for AnyConnect

2. install the ASA self signed certificate on your PC.

--
Please remember to select a correct answer and rate helpful posts
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents