Cisco AnyConnect doesn't detect ENS Firewall and users can't connect to the VPN
Last Modified: 8/30/2023
As of May 14, 2024, Knowledge Base (KB) articles will only be published and updated in our new Trellix Thrive Knowledge space.
Log in to the Thrive Portal using your OKTA credentials and start searching the new space. Legacy KB IDs are indexed and you will be able to find them easily just by typing the legacy KB ID.
Technical Articles ID:
KB88476
Environment
Endpoint Security (ENS) Firewall 10.x
Cisco AnyConnect 4.3.x
Problem
When users try to connect to a VPN using Cisco AnyConnect, HostScan doesn't detect the status of ENS Firewall as being present and enabled. Users are unable to connect to the VPN.
Cause
The Cisco AnyConnect HostScan module uses a third-party tool to query the products on Windows systems. The third-party tool can detect the status of the Trellix Firewall Core Service correctly. However, HostScan can't detect the status of ENS Firewall.
Solution
Cisco has released an updated version of HostScan that resolves the issue. Download HostScan 4.3.05028 or later to resolve the issue.
NOTE: You'll need to search for AnyConnect Secure Mobility Client, and then select HostScan from the menu provided in the search results.
Workaround
Set Cisco AnyConnect to monitor the status of the following registry key:
Here, a value of 1 means that ENS Firewall is enabled, and 0 means that ENS Firewall is disabled.