Guest

Preview Tool

Cisco Bug: CSCul02984 - IOS SSLVPN AnyConnect 3.1 false captive portal with Certificate Auth

Last Modified

Nov 27, 2020

Products (1)

  • Cisco AnyConnect Secure Mobility Client

Known Affected Releases

3.1(495)

Description (partial)

Symptom:
Standalone Anyconnect sessions using Client Certificate authentication, fail to connect to IOS headends with following error due to false Captive Portal detection:

"The service provider in your current location is restricting access to the Internet. You need to log on with the service provider before you can establish a VPN session. You can try this by visiting any website with your browser."

Conditions:
IOS acting as SSLVPN Gateway for AnyConnect: 3.1 clients.
Authentication Mode: Certificate [+ AAA]

Related Community Discussions

AnyConnect - Web Authentication required (Router IOS + dual authentication Certificate and AAA)
Hi everybody, I am configuring WebVPN on Cisco Router 3925e with Certificate and AAA authentication. Versions of software I use: C3925e = c3900e-universalk9-mz.SPA.152-4.M5.bin AnyConnect = anyconnect-win-3.1.05170 OS = Windows 7 SP1 Configuring WebVPN with certificate authentication was successful, but some problem is with Windows version of AnyConnect. When user try to connect, AnyConnect shows message like on the print screen: User have to go to the web portal of WebVPN, pass authentication, press ...
Latest activity: Mar 21, 2015
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.

Bug Details Include

  • Full Description (including symptoms, conditions and workarounds)
  • Status
  • Severity
  • Known Fixed Releases
  • Related Community Discussions
  • Number of Related Support Cases
Bug information is viewable for customers and partners who have a service contract. Registered users can view up to 200 bugs per month without a service contract.