Cisco Bug: CSCvs68805 - VPN tunnel cannot connect on Windows with ECDH group 21 and only TLS 1.2 enabled on gateway
Apr 10, 2020
- Cisco AnyConnect Secure Mobility Client
Known Affected Releases
Symptom:
- SSL VPN connection fails with error (prior to authentication): "Could not connect to server. Please verify Internet connectivity and server address."
- IPsec VPN connection fails with error (post-authentication): "The VPN client failed to establish a connection."

Conditions:
- Platform: Windows 7, 8, 10.
- VPN head end configured to only support client SSL connections using at least TLS v1.2.
- Elliptic Curve Diffie-Hellman Group 21 is configured on the head end.
- AnyConnect and the head end negotiate an Elliptic Curve Diffie-Hellman Ephemeral (ECDHE) cipher suite during the initial TLS v1.2 handshake.