09-18-2012 03:19 AM - edited 02-21-2020 06:20 PM
Hi anyone. I have a problem with Cisco AnyConnect client. Client Version 3.1.
This problem only in Windows 7 OS. I have some tunnel groups, and earlier i did can select this groups in anyconnect client after successful connection to my ASA.
Now when i try to connect and use address of my asa like "vpn.company.com" i can't establish connection, and client respond me with error "invalid host entry. Please re-enter". But when i start connection from VPN portal or type address like "vpn.company.com/<tunnel-group>" everything OK and no error responded.
When i was see log in ASA, i see that anyconnect client try start ipsec connection.
Can anyne help me. Maybe someone take this problem earlier.
Sorry for bad English.
09-18-2012 05:48 AM
Hi,
Most likely the XML profile has the following instruction:
You can find the profile in the following path:
Please make sure you remove the line in bold and let me know.
Thanks.
Portu.
Please rate any post you find useful.
Message was edited by: Javier Portuguez
09-18-2012 05:56 AM
There is no profiles. There is only AnyConnectProfile.xsd file. Do you know how Anyconnect check host entry before connect to ASA?
09-18-2012 06:00 AM
And i dont understand why VPN session establish when i type address with tunnel group like this ""vpn.company.com/
This tested on MAC OS X and no problem found
09-18-2012 06:59 AM
Pretty common DNS resolution.
Did you run logs on the ASA?
Thanks.
09-18-2012 07:09 AM
Yes of course a has run logging in ASA. I cant uderstand, why it may DNS resolution error. Did you know how AnyConnect client verify DNS records?
When i check logging and simultaneously try to connect with client, i was see that request from my PC go to port 500 and 4500 it is NAT-T) but i dont use IKEv2 with ipsec . I use only SSL between client and ASA. I dont understand, why ASA recieve packets for 500 and 4500 udp ports.
09-24-2012 10:52 PM
I have solved this problem. I suggest that in installation some gone wrong and configuration files has bad.
I uninstall Cisco AnyConnect and delete directory
"C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client" (Win 7) after that reinstall Cisco Any Connect.
Problem is gone:)
Maybe this information will helpful
02-22-2016 05:13 AM
I had "invalid host entry" issue and corrected it by running diagnostics feature within Cisco AnyConnect.
Path: Click on the Settings icon (gear) in bottom left of login screen. From Settings screen, click on Diagnostics button on top right of screen. This launches Cisco Diagnostic and Reporting Tool (DART). Follow prompts to run the diagnostics.
I did not need to change any configurations. Just running the diagnostics tool fixed the problem.
I hope this helps... Good luck!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide