FIPs Issue with Anyconnect

So lets say you are getting the FIPs error that looks like :
This is one annoying issue let me tell you. So I was installing a VPN client after establishing a new profile on for the Anyconnect Client. Well low and behold I get the FIPs issue. 

Just to note the ASA does not give out any certs and had no certs on it so I had to make a change to the local machine. 
The change is as follows :

 C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client

 In order to get to the directory make sure you have "Show hidden files, folders, or drives" selected in your folder options so you can see the Program Data Folder.


Go to that directory and once in that directory we will have to change the file called:

 AnyConnectLocalPolicy.xml

 We have to change the following code to be "false" where it states "true" and then save the file as the same name and directory replacing the old.

<?xml version="1.0" encoding="UTF-8"?>
-<AnyConnectLocalPolicy acversion="3.0.08057" xsi:schemaLocation="http://schemas.xmlsoap.org/encoding/ AnyConnectLocalPolicy.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.xmlsoap.org/encoding/"> <FipsMode>true</FipsMode> </AnyConnectLocalPolicy>

                  CHANGE TO and SAVE


<?xml version="1.0" encoding="UTF-8"?>
-<AnyConnectLocalPolicy acversion="3.0.08057" xsi:schemaLocation="http://schemas.xmlsoap.org/encoding/ AnyConnectLocalPolicy.xsd" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://schemas.xmlsoap.org/encoding/"> <FipsMode>false</FipsMode> </AnyConnectLocalPolicy>



After doing so make sure its saved and retry the anyconnect client and it should work!

Comments

Post a Comment

Popular posts from this blog

HULC LED PROCESS - 3750 High CPU

Image
If you're looking at a switch and you see the HULC LED Process running high. The HULC LED process does some of the following tasks: 1. Check link status on every port 2. If the switch supports POE, it checks to see if there is a power device 3. Transceiver checks 4. Fan status updates 5. Set LED ports 6. Check on temperature status Overall the HULC LED Process is a monitoring process running. During looking into this I turned off all non-used ports since it checks the link status. Then I made sure the environment was good. Two Cisco Bugs: http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCsi78581 http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCtn42790
Read more

%PLATFORM_UCAST-4-PREFIX: --------- TCAM 3750 Switch

Image
 %PLATFORM_UCAST-4-PREFIX:  One or more, more specific prefixes could not be programmed into TCAM and are being covered by a less specific prefix, and the packets may be software forwarded So what is TCAM ? Ternary Content Addressable Memory is used in multi-layer switching also know as Layer 3 switching. The switches forward the packets and frames at the speed of the line by using ASIC hardware. Normally switches make there forwarding decisions based on Layer 2. TCAM is used for Layer 3 components and other features such as QOS and ACES ( Access List ).  Check TCAM and usage of templates being used in the device.  show sdm prefer ? ! This will show us the templates that can be used in the device to give more resources to one feature or the other. For example the default is the equal resource distribution while the routing gives more resources to Layer 3 routing. show sdm prefer ! The command without the "?" will show us what we are currently r
Read more