We use DAP and endpoint assessment with AnyConnect to check for anti-virus software on our clients. We are using ASA 5540 with ver. 8.2.3 and AnyConnect 2.5.2001 with Secure Desktop 3.5.
The AnyConnect has been configured (in the xml profile) to ignore proxy settings and just connect - this works fine.
But we enabled the DAP policy to use endpoint assessment last week, and the hostscan.exe that runs on the client during posture assessment doesn't allow access when a proxy server (which of course is unreachable since you aren't connected with VPN yet) is defined. Removing the proxy settings let's you right through.
The error is: Posture Assessment failed. As if it didn't find the anti-virus software or something, but obviously that's not the case. Right before the error it says that Hostscan is looking for updates, and it must be that process that fails.