Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4904
Views
4
Helpful
19
Replies

Windows 11 AnyConnect VPN SBL 5.1.1.42 Unable to apply proxy setting

mattb85
Level 1
Level 1

‎01-22-2024 09:41 AM - edited ‎01-22-2024 11:35 AM

UPDATE: We are now having another user experiencing this issue as well only difference is they are on Windows 10

We have a user with a Windows 11 box that will not connect to VPN using SBL after a system reboot or cold boot. However, when the user signs into the computer they are able to successfully connect to VPN. This issue started after the client software was updated from AnyConnect 4.10.04071 to Cisco Secure Client 5.1.1.42.

When trying to start a VPN connection via SBL the user is quickly displayed the message "The Cisco Secure Client - AnyConnect VPN has sent the following close message to the gateway: Unable to apply proxy settings that are received from the secure gateway." As stated previously, if the user signs into windows 11 normally then connects to the VPN there is no issue and if the user signs off and then initiates a VPN connection using SBL the user is able to successfully login to the VPN with SBL; but if the user reboots the machine they receive the "unable to apply proxy settings" message. 

We have tried to do an uninstall and reinstall of the Secure Client suite, which does allow the user to connect using SBL once, then subsequent cold boots or computer restarts will go back to not establishing a connection due to the "unable to apply proxy settings".

Has anyone else been experiencing this issue with a Windows 11 machine with the AnyConnect VPN version 5.1.1.42? 


******************************************

Date : 01/22/2024
Time : 07:33:29
Type : Information
Source : csc_vpnapi

Description : Message type information sent to the user:
Establishing VPN - Configuring system...


******************************************

Date : 01/22/2024
Time : 07:33:29
Type : Information
Source : csc_vpnagent

Description : Host Configuration:
Public address: 192.168.20.7/24
Potential public addresses: 192.168.20.7
Private Address: 10.xxx.xxx.xxx/24
Private IPv6 Address: FE80:0:0:0:4039:2CF5:6D6B:4305/126 (auto-generated)
Remote Peers: xxx.xxx.xxx.xxx (TCP port 443, UDP port 443, source address 192.168.20.7)
Private Networks: none
Private IPv6 Networks: none
Public Networks: none
Public IPv6 Networks: none
Tunnel Mode: yes
Tunnel all DNS: no


******************************************

Date : 01/22/2024
Time : 07:33:29
Type : Information
Source : csc_vpnagent

Description : Function: CHostConfigMgr::applyFirewallConfiguration
File: C:\temp\build\thehoff\Raccoon_MR10.719617947665\Raccoon_MR1\vpn\AgentUtilities\HostConfigMgr.cpp
Line: 1908
No Firewall Rules to configure


******************************************

Date : 01/22/2024
Time : 07:33:29
Type : Information
Source : csc_vpnagent

Description : The network control state changed to restricted.


******************************************

Date : 01/22/2024
Time : 07:33:29
Type : Warning
Source : csc_vpnagent

Description : The connection proxy settings for internet browser are ignored because the connection is not associated with a user logon.


******************************************

Date : 01/22/2024
Time : 07:33:29
Type : Information
Source : csc_vpnagent

Description : Function: ApplyProxySettings
File: C:\temp\build\thehoff\Raccoon_MR10.719617947665\Raccoon_MR1\vpn\Common\Proxy\BrowserProxy.cpp
Line: 1186
Refreshing browser now that tunnel is up.


******************************************

Date : 01/22/2024
Time : 07:33:29
Type : Information
Source : csc_vpnagent

Description : Function: CThread::createThread
File: C:\temp\build\thehoff\Raccoon_MR10.719617947665\Raccoon_MR1\vpn\Common\Utility\Thread.cpp
Line: 295
A thread has been successfully created, Reference: '03BA4BB0', System ID: '26804', Fire and Forget: 'YES'


******************************************

Date : 01/22/2024
Time : 07:33:29
Type : Error
Source : csc_vpnagent

Description : Function: DeleteOriginalProxySettingFile
File: C:\temp\build\thehoff\Raccoon_MR10.719617947665\Raccoon_MR1\vpn\Common\Proxy\BrowserProxy.cpp
Line: 90
Invoked Function: DeleteFile
Return Code: 2 (0x00000002)
Description: The system cannot find the file specified.

 

 

******************************************

Date : 01/22/2024
Time : 07:33:29
Type : Warning
Source : csc_vpnagent

Description : Function: ApplyProxySettings
File: C:\temp\build\thehoff\Raccoon_MR10.719617947665\Raccoon_MR1\vpn\Common\Proxy\BrowserProxy.cpp
Line: 1202
Invoked Function: DeleteOriginalProxySettingFile
Return Code: -32112631 (0xFE160009)
Description: BROWSERPROXY_ERROR_UNEXPECTED

 

******************************************

Date : 01/22/2024
Time : 07:33:29
Type : Information
Source : csc_vpnagent

Description : Function: IERefreshBrowserThread::Run
File: C:\temp\build\thehoff\Raccoon_MR10.719617947665\Raccoon_MR1\vpn\Common\Proxy\BrowserProxyIE.cpp
Line: 1607
Entering IE browser refresh


******************************************

Date : 01/22/2024
Time : 07:33:29
Type : Error
Source : csc_vpnagent

Description : Function: CVpnMgr::main
File: C:\temp\build\thehoff\Raccoon_MR10.719617947665\Raccoon_MR1\vpn\Agent\VpnMgr.cpp
Line: 2356
Invoked Function: ApplyProxySettings
Return Code: -32112631 (0xFE160009)
Description: BROWSERPROXY_ERROR_UNEXPECTED

 

******************************************

Date : 01/22/2024
Time : 07:33:29
Type : Error
Source : csc_vpnagent

Description : Termination reason code 127:
Unable to apply proxy settings that are received from the secure gateway.


******************************************

Date : 01/22/2024
Time : 07:33:29
Type : Warning
Source : csc_vpnagent

Description : The connection proxy settings for internet browser are ignored because the connection is not associated with a user logon.


******************************************

Date : 01/22/2024
Time : 07:33:29
Type : Information
Source : csc_vpnagent

Description : Function: CTND::OnTunnelStateChange
File: C:\temp\build\thehoff\Raccoon_MR10.719617947665\Raccoon_MR1\vpn\Agent\TND.cpp
Line: 2174
tunnel state change (0->3)


******************************************

Date : 01/22/2024
Time : 07:33:29
Type : Information
Source : csc_vpnagent

Description : The Primary SSL connection to the secure gateway is being torn down.


******************************************

Date : 01/22/2024
Time : 07:33:29
Type : Information
Source : csc_vpnagent

Description : The Cisco Secure Client - AnyConnect VPN has sent the following close message to the gateway:
Unable to apply proxy settings that are received from the secure gateway.

 

2 people had this problem
Labels:
0 Helpful
19 Replies 19

Beheer tno-netwerk
Level 1
Level 1

‎01-24-2024 07:50 AM

Same error with SBL on 4.10.08025 after power-on (W10). Works again after restart.

0 Helpful

mattb85
Level 1
Level 1

‎01-26-2024 05:29 AM

There are two more Windows 10 users who are running version 5.1.1.42 of AnyConnect VPN and SBL that are having this issue as well

0 Helpful

ChrisLynes5541
Level 1
Level 1

‎01-29-2024 02:08 AM

We are also having the same issue but seems to be intermittent. A reboot does appear to solve it but has anyone tried implementing this workaround as mentioned here already - https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwf67833 I just wanted to ask before we had a look at trying it. We only seemed to have got this problem after moving to 5.1.1.42

0 Helpful

ChrisLynes5541
Level 1
Level 1

‎01-31-2024 01:32 AM

Just to add, has anyone tried disabling Fast Startup in Windows and whether this seems to resolve the issue at all? 

0 Helpful

mattb85
Level 1
Level 1

‎01-31-2024 07:02 AM

We are opening a TAC case on this issue before we try the work around from bug CSCwf67833; also we haven't tried disabling fast start up, mainly because the last time we tried that in our environment, it broke some of our GPO policies.

0 Helpful

ChrisLynes5541
Level 1
Level 1

‎01-31-2024 07:51 AM

We have one raised with them currently and I think they have finally escalated it so hopefully is getting looked into. Fair enough. Can I ask what GPO settings broke disabling fast start up out of interest? 

0 Helpful

ChrisLynes5541
Level 1
Level 1

‎02-02-2024 12:48 AM

I've done some further testing. It does seem that disabling Fast Start Up in Windows does solve the issue (feel free to try it yourselves). I have fed this back to Cisco Support who are in contact with their software engineering teams so will see what they come up with. 

0 Helpful

ChrisLynes5541
Level 1
Level 1

‎02-08-2024 12:42 AM

It looks like Cisco have released an updated AnyConnect version - 5.1.2.42. We are yet to verify whether this fixes this issue but in case anyone wanted to try it as well. I'm still waiting to hear back from Cisco support. 

0 Helpful

Dink353
Level 1
Level 1

‎02-19-2024 11:24 AM

Not sure if Cisco support got back to you or not, but I've upgraded up to this 5.1.2.42 version and the problem persists.  Did Cisco Support have any light to shed on this issue?

0 Helpful

ChrisLynes5541
Level 1
Level 1

‎02-20-2024 01:35 AM

I believe they are still looking at it. I did send a follow up yesterday so hopefully get a response soon. Have you tried disabling Fast Start Up as a workaround? 

0 Helpful

ChrisLynes5541
Level 1
Level 1

‎03-05-2024 01:29 AM

Cisco support have finally raised this issue as a bug - https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwj19626. There is a potential fix for this that I am working with Cisco on at the moment with a preview version of AnyConnect. 

0 Helpful

scottdavidson3
Level 1
Level 1

‎06-04-2024 02:48 AM

I've just updated from version 5.0.02075 to 5.1.2.42 of the Secure Client for Windows 11, and during initial testing have come across this same issue. I also have fast start-up enabled, which didn't cause any issues with the previous version of Secure Client. Is there any progress on the potential fix for this yet?

0 Helpful

ChrisLynes5541
Level 1
Level 1

‎06-04-2024 02:56 AM

Hi, there is a fix for it and I have a preview version of AnyConnect which does look like the issue has been fixed but this was the response I got from Cisco Support when asking for a timeframe when the fix will be incorporated into the main build of Secure Client/AnyConnect - "I got the information from BU that the fix will most probably be available in the 5.1.4 release. Currently, the tentative release date for 5.1.3 is mid-April but I do not have an ETA on when the 5.1.4 could come out.". So it looks like the fix will be the 5.1.4 release which hopefully should be coming out soon but not exactly sure when. Hope that helps. 

scottdavidson3
Level 1
Level 1

‎06-04-2024 03:10 AM

Hey, thanks for the quick reply! That's very helpful. I can see 5.1.3.62 looks to be the latest client available currently, so I'll have to keep an eye out for the release of 5.1.4. in that case - hopefully not too far away now

0 Helpful
Customers Also Viewed These Support Documents