ANNOUNCEMENT - The community will be down for maintenace this Thursday August 13 from 12:00 AM PT to 02:00 AM PT. As a precaution save your work.
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
261
Views
0
Helpful
2
Replies
Highlighted
Beginner
Beginner

CSR1000v_SSL _Anyconnect VPN_TLS version problem

recently setup anyconnect on CSR1000v and it worked with local credentials . 

 

All of sudden, Anyconnect VPN is no longer working.

 

CRYPTO_OPSSL: SSL3.0 is no longer supported.Enabling only TLS1.0

CRYPTO_OPSSL: Set cipher specs to mask 0x00002080 for version 16

CRYPTO_OPSSL: Common Criteria is disabled on this session.Disabling Common Criteria mode functionality in CiscoSSL on SSL CTX 0x7F6C7DDB9850

 

Those kind of logs I noticed when I did debug for ssl . I do see logs that user credentials are validated and success. but, session got closed automatically.

 

show version:-

Cisco IOS XE Software, Version 16.12.01a
Cisco IOS Software [Gibraltar], Virtual XE Software (X86_64_LINUX_IOSD-UNIVERSALK9-M), Version 16.12.1a, RELEASE SOFTWARE (fc2)

Could someone how can this be fixed . Thank you

Everyone's tags (1)
2 REPLIES 2
Highlighted
VIP Advocate

Re: CSR1000v_SSL _Anyconnect VPN_TLS version problem

 

  - Did someone upgrade the CSR1000v or made configuration change ?

   M.

Highlighted
Beginner
Beginner

Re: CSR1000v_SSL _Anyconnect VPN_TLS version problem

Hi, Thank you 

Yes. We did changes to the box .I just noticed that i created two treads u knowingly. 

 

I thought this one was not submitted after auto-save. here is the link for problems and logs seen on box.

 

https://community.cisco.com/t5/network-security/csr1000v-crypto-opssl-ssl3-0-is-no-longer-supported-enabling/m-p/4088808#M1070346