Has anyone else encountered the SSLVPN not functioning on a Windows client AFTER installing KB2585542? If we install the update, we can't use SSL VPN with the AnyConnect client until the update is removed.
What platform are you connecting to.
On IOS side we're tracking this via:
Yes, we are having the same problem as you LSThreeMIS. The only solution we have found thus far is to uninstall the update. We are still looking into it ourselves to see if we can find an answer that does not involve uninstalling the MS update.
Same here, we have WSUS pulling the update if it was already applied, but that seems to have introduced another issue with the PC/Laptop getting stuck while shutting down windows 7. Hopefully this gets resolved soon.
So is the problem with the Cisco AnyConnect VPN client or with the IOS? Or is it both the Cisco AnyConnect client and the IOS? We are running AnyConnect 2.5.3055 and IOS 12.4T(24) on one of our ISRs and have not been able to get Windows XP SP3, Vista or WIndows 7 clients using AnyConnect 2.5.3055 to connect when they have the KB2585542 installed.
Does Cisco monitor and respond to these Discussions? If so, a response of some kind would be appreciated!
The problem is with IOS and there is a defect filed against IOS for that:
The bug id is CSCtx38806
Any of the following workarounds will work: 1)Use the clientless portal to start the client- this only works in some versions of IOS. 2)Uninstall the update 3) Use rc4 - is a less secure encryption option, if this meets your security needs, then you may use it as following: webvpn gateway
ssl encryption rc4-md5 4) use AC 2.5.3046 or 3.0.3054 for anyconnect For anyconnect users, the user error message is : "Connection attempt has failed due to server communication errors. Please retry the connection" The anyconnect event log will show the following error message snippet: Function: ConnectIfc::connect Invoked Function: ConnectIfc::handleRedirects Description: CONNECTIFC_ERROR_HTTP_MAX_REDIRS_EXCEEDED
on ASA for the majority, there are no issues, but some isolate incidents have been seen.
This tracked using the defect:
Are you seeing any issues with ASA ?
Thank you Thomas, this has helped us to get our users connected using the AnyConnect Client (2.5.3046), however we now find that users cannot connect to the website on the router. Do you know where I can find out what version of the IOS we can run so that our users can connect to the web site of the router?
We have confirmed that it is the KB2585542 update that is preventing our users from connecting to the web site by removing the update and trying to connect.
I have tried the interim release of 8-4-3.9 for the ASA and while the symptoms are not the same, the end results is that I still cannot obtain the desired page.
Does disabling the KB fix resolve the problem even with ASA 18.104.22.168 ?
without looking at the ssl stream with private key exported and the ASA debugs/logs, its hard to say its a new issues.
It would be best to open a TAC case so that this can be further analyzed and new bug opened if this is a new defect.