Cisco Bug: CSCvs64221 - VPN tunnel cannot connect on Windows10 build 1909 with ECDH group 21 and TLS 1.0 disabled on gateway
Jan 24, 2020
- Cisco AnyConnect Secure Mobility Client
Known Affected Releases
Symptom: AnyConnect VPN doesn't work on the Windows10 Version 1909 Below error is being displayed once connection fail: Could not connect to server. Please verify Internet connectivity and server address. Conditions: - OS: Windows10 Version 1909 -> current version of OS can be checked using winver command in cmd - TLS 1.0 is not supported by ASA/FTD -> ssl server-version1.1 or ssl server-version1.2 is configured- - Elliptical Curve Diffie-Hellman Group 21 is configured on the head end -> ssl ecdh-group group21 - AnyConnect and the head end negotiate an Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) cipher suite during the initial TLS v1.2 handshake.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases