Cisco Anyconnect VPN issue

Hello and salutations. I’m really not sure what else to do, as our company IT “guy” can’t seem to help me either. Small company, no in-house IT so we pay some guy to come in and do it.

Anyways…

I work from home and have rarely had any issues with connecting to the company VPN which uses this Cisco thing. Today, out of the blue, when using the Cisco AnyConnect software, it now throws an error “Unable to retrieve logon information to verify compliance with AnyConnect logon enforcement and VPN establishment profile settings. A VPN connection will not be established.”

We’ve hit Google and checked the little info we’ve found on this error, and I really don’t feel comfortable doing anything “deep” in Windows like the registry thing. Any thoughts? Been working fine for a couple of years.

Thank you!

EDIT: Thank you all for your efforts and advice. Fortunately we were able to restore my workstation from a previous point when VPN worked and it’s working again. Thank you thank you thank you!

Sorry to hear that, but without the help of your IT guy we can’t help much. You’ll have to ask and see if there were changes done on your ASA that would look into performing some compliance checks on your system before allowing you to connect.
You could run the AnyConnect diagnostics, which would result in a DART archive containing some system logs and application logs, and there you should find what exactly is getting you that compliance error.

Are you doing AnyConnect host posture validation?

There is a file like Anyconnect.evtx in the AnyConnect Mobility Client folder.
Take that file line by line in the Event Viewer and you’ll find where compliance fails.
At the same time you can get the DART from the working computer, look for compliance and see why it is OK on one and NOK on the other.
Enjoy.

PS: don’t lose yourself in the details, just read between the lines…

Compliance issues are usually related to, I’m assuming you’re running Windows, Windows updates. Try running Windows update, install any pending updates, restart your computer, and then try to login to the VPN.

Make sure you do not have multiple users logged into the desktop computer. AnyConnect is trying to enforce that only a single user is logged into Windows. If this is a personal computer with multiple accounts, make sure every other account is logged out. If all users are logged out, it’s also possible that you have some service that is configured to run as another user, which could be causing the issue.

Sounds like you need real IT support or at least a Cisco SmartNet contract so someone could call TAC to get troubleshooting assistance.

Oh dear…ASA?

Sorry, I know this stuff is going to be way over our heads doing it at home. Odd thing is, we have a laptop and it works fine, but the desktop pc just up and stopped working. We’ve uninstalled Cisco, did a “clean uninstall” which had us deleting some things from the Program Data folder, rebooted, etc. We’re also using Windows 10 if that matters.

We did just run that diagnostics tool and it created a large file, anything in particular to look for?

Sorry, I just know how to use our applications, I’ve passed that question onto the IT guy, hopefully he knows.

If so, is there something to look for?

Thank you so much! Learning as we go here…

We ended up using a restore point from a month ago. Fixing a few things, but it’s cleared up all of the issues I was having with the stupid vpn.

You opened up something…in Task Manager, there’s a “Users” tab. On my working machine, it shows my login name, along with some columns about the CPU and Memory and how much is being used.

On my non-working machine, the Users tab is full (and growing) of entries with no names, and 0% usage of all fields. That list is adding a new entry every second at least. There’s not even one for my connection like there is on my working machine.

If I didn’t explain that right, Task Manager/Users tab has hundreds of entries, with blank user names and 0% usage of all of the columns. A new entry is being added every second or so. I know this isn’t right.

real IT support

I think you nailed it right there…

In my experience AnyConnect profiles tend to bug out or get corrupted or something. An easy thing to try is:

  1. Completely close the AnyConnect client
  2. Delete the AnyConnect profile from %ProgramData%\Cisco\Cisco AnyConnect Secure Mobility Client\Profile
  3. Retrieve the profile again via https://ip_of_ASA or have your admin with access to the ASA provide you the .xml profile (and put it in the location of step 2)

If that still results in the same error you will need someone observing the logs on the ASA firewall.
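
An added example (not part of the thread and not Cisco's code) for the comments above about single-user logon enforcement and the profile folder: it reads the `WindowsLogonEnforcement` and `WindowsVPNEstablishment` settings from a profile and lists the sessions Windows currently reports. The sample profile and its values are constructed, and the function name `Get-LogonPolicy` is hypothetical; the folder path is the one from step 2.

```powershell
# Constructed sample profile. The two elements are the profile settings the
# error message refers to; the values shown here are illustrative only.
$sampleProfile = @'
<?xml version="1.0" encoding="UTF-8"?>
<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/">
  <ClientInitialization>
    <WindowsLogonEnforcement>SingleLocalLogon</WindowsLogonEnforcement>
    <WindowsVPNEstablishment>LocalUsersOnly</WindowsVPNEstablishment>
  </ClientInitialization>
</AnyConnectProfile>
'@

# Hypothetical helper: pull the two logon-related settings out of profile XML.
function Get-LogonPolicy {
    param([Parameter(Mandatory)][string]$XmlText, [string]$Source = 'sample')
    $init = ([xml]$XmlText).AnyConnectProfile.ClientInitialization
    [pscustomobject]@{
        Source                  = $Source
        WindowsLogonEnforcement = $init.WindowsLogonEnforcement  # empty if not set
        WindowsVPNEstablishment = $init.WindowsVPNEstablishment  # empty if not set
    }
}

# 1. Policy from the constructed sample, then from any real profiles on disk.
Get-LogonPolicy -XmlText $sampleProfile
$profileDir = Join-Path $env:ProgramData 'Cisco\Cisco AnyConnect Secure Mobility Client\Profile'
if (Test-Path $profileDir) {
    Get-ChildItem $profileDir -Filter *.xml | ForEach-Object {
        Get-LogonPolicy -XmlText (Get-Content $_.FullName -Raw) -Source $_.Name
    }
}

# 2. Sessions Windows reports. quser.exe is not present on every Windows edition.
if (Get-Command quser.exe -ErrorAction SilentlyContinue) {
    $sessions = @(quser.exe 2>$null | Select-Object -Skip 1)  # skip header row
    "Logon sessions reported by quser: $($sessions.Count)"
    $sessions
} else {
    'quser.exe not found; check the Task Manager Users tab instead.'
}
```

With a single-logon enforcement value in the profile, more than one session in the second part is the condition the client refuses to connect under.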

Hehe, 25+ years into this and still learning……
Let us know how it goes.

Excellent! Good to hear it’s taken care of.

Maybe the PC is infected and AnyConnect checks that with HostScan and blocks it?

You may want to try r/techsupport; this is beyond the scope of this subreddit.

It appears to be something with the specific pc, unsure why.

We tried all of that and some other stuff we found on the net, but nothing changes the behavior.

So weird.

This doesn’t look good:

Function: DARTEngine::collectLogs

File: c:\temp\build\thehoff\phoenix_mr50.209236130437\phoenix_mr5\vpn\tools\dart\dartengine\implementations\dartengine.cpp

Line: 274

Invoked Function: helperUtil::fileDeleteDirectory

Return Code: -22020082 (0xFEB0000E)

Description: DARTENGINE_ERROR_ACCESS_DENIED:Error: Access denied

That entire “path” doesn’t exist…there is no C:\Temp folder…