Preview Tool

Cisco Bug: CSCtb73337 - AnyConnect does not work with IOS if cert not trusted/name mismatch

Last Modified

Jan 28, 2017

Products (1)

  • Cisco IOS

Known Affected Releases


Description (partial)

AnyConnect Client version 2.4 does not work with IOS headend
when a certificate is used that is not trusted or there is 
mismatch in the hostname entered in the URL to that to the
CN (common name) or SAN (subject alternative name) in
the IOS router certificate. 

Any Connect 2.4 fails to connect with IOS headend due certificate
verify fail error.

This only pertains to 2.4 version of anyconnect and previous versions
are not affected. 
1) Anyconnect 2.4 is used
2) Untrusted router ssl cert or CN or SAN does not match
   with that of the URL (fqdn) entered.
Bug details contain sensitive information and therefore require a account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.