Page 1 of 6 123 ... LastLast
Results 1 to 10 of 55

Thread: Cisco Anyconnect SSL VPN Client Certificate Error

  1. #1
    Join Date
    Nov 2006
    Beans
    129

    Cisco Anyconnect SSL VPN Client Certificate Error

    I have a SSL VPN Connection to a Cisco ASA firewall (v8.03) and from my Ubuntu 7.1 box it works fine. That box has Firefox 2.4, but my Ubuntu 8.04 box fails to connect, which I'm pretty sure is because the ASA doesn't have a publicly signed cert. I have installed the cert in Firefox so that it doesn't gripe when I connect to login, but it appears that Java doesn't like the cert.

    Where should I start looking to fix this?


  2. #2
    Join Date
    Nov 2006
    Beans
    129

    Re: Cisco Anyconnect SSL VPN Client Certificate Error

    Anybody?

  3. #3
    Join Date
    Jul 2008
    Beans
    64

    Re: Cisco Anyconnect SSL VPN Client Certificate Error

    Are your running 32-bit or 64-bit version of Ubuntu?

    If you are running 32-bit, do the following:

    sudo ln -s /usr/lib/libnspr4.so.0d /usr/lib/libnspr4.so
    sudo ln -s /usr/lib/libnss3.so.1d /usr/lib/libnss3.so
    sudo ln -s /usr/lib/libplc4.so.0d /usr/lib/libplc4.so
    sudo ln -s /usr/lib/libsmime3.so.1d /usr/lib/libsmime3.so

    If you are running 64-bit, it's a little more complicated. You will need to install 32-bit Firefox and make a few other changes. The following steps work for me, but I'm not using certificates (yet).

    1) Install "ia32-libs"
    2) Install "lib32nss-mdns"
    3) Install 32-bit Firefox. It MUST be installed into the /usr/local/firefox directory.
    4) Several files from /usr/local/firefox must be copied or linked to either /usr/lib32 or /opt/cisco/vpn/lib.

    libnssutil3.so
    libplc4.so
    libplds4.so
    libnspr4.so
    libsqlite3.so
    libnssdbm3.so
    libfreebl3.so

    If this doesn't help, please give the exact error message.

    casevh

  4. #4
    Join Date
    Dec 2006
    Beans
    3

    Re: Cisco Anyconnect SSL VPN Client Certificate Error

    I was having the same issue. I used the above 32bit steps and it resolved the issue. Thanks!

  5. #5
    Join Date
    Nov 2006
    Beans
    129

    Re: Cisco Anyconnect SSL VPN Client Certificate Error

    Late replying, I'm on 32bit. It seems to work now, but I don't know what changed.

    When I tried your 32bit instructions, it said "File exists" for each. Oh well, it's working....

  6. #6
    Join Date
    Jul 2008
    Beans
    64

    Re: Cisco Anyconnect SSL VPN Client Certificate Error

    It's possible that you've installed another application that created those links. For example, installing FireFox 2 will create those links.

  7. #7
    Join Date
    Apr 2007
    Beans
    10

    Re: Cisco Anyconnect SSL VPN Client Certificate Error

    Quote Originally Posted by casevh View Post
    3) Install 32-bit Firefox. It MUST be installed into the /usr/local/firefox directory.
    What method do you use to do this? Compiling from source would produce another x86_64 binary. Did you download the 32bit deb, unpack it, and move specific files there?

  8. #8
    Join Date
    Jul 2008
    Beans
    64

    Re: Cisco Anyconnect SSL VPN Client Certificate Error

    Yes, I actually used firefox-3.0.1.tar.bz2 from mozilla.com.

    Let me know if it works for you. I need to support AnyConnect on multiple Linux distributions so I've gotten pretty good at troubleshooting it. It's not fun.

    casevh

  9. #9
    Join Date
    Aug 2008
    Beans
    35

    Re: Cisco Anyconnect SSL VPN Client Certificate Error

    I just can't get the AnyConnect client to work. I followed your advice but without any luck.

    Any help is greatly appreciated

    thanx
    //robert

  10. #10
    Join Date
    Jul 2008
    Beans
    64

    Re: Cisco Anyconnect SSL VPN Client Certificate Error

    I haven't seen that error message.

    Are you running 32 or 64 bit Ubuntu?

    Are there any error messages in /var/log/syslog?

    Do you get any more useful errror messages by starting the command line version: /opt/cisco/vpn/bin/vpn?

    Hopefully we can get some error messages that help isolate the issue.

    casevh

Page 1 of 6 123 ... LastLast

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •