Cisco Bug: CSCvu03917 - AnyConnect connection failure with automatic certificate selection enabled.
Aug 31, 2020
- Cisco AnyConnect Secure Mobility Client
Known Affected Releases
4.8(2042) 4.8(2045) 4.8(3036) 4.8(3043) 4.8(3052)
Symptom: AnyConnect connections to a load-balanced ASA pair with certificate authentication and automatic certificate selection enabled will normally connect successfully the first time but fail after that. AnyConnect DART bundle shows "The HTTP response code from the secure gateway is 401, Other error HTTP/1.1 401 Unauthorized" Conditions: AnyConnect 4.8.01090+ connecting to an ASA load balancing LB pair with automatic certificate authentication and certificate store override set to true. Try to connect, which should succeed, then disconnect and try to reconnect. The second attempt will fail. If you configure AnyConnect for the user to select the certificate manually or if you wait a little bit, reboot the client, or reinstall the client on the user device, the connection will succeed again. The ASA must contain the fix for CSCvq73599.
Bug details contain sensitive information and therefore require a Cisco.com account to be viewed.
Bug Details Include
- Full Description (including symptoms, conditions and workarounds)
- Known Fixed Releases
- Related Community Discussions
- Number of Related Support Cases