Thursday, February 8, 2018

Patched ASA to fix CVE-2018-0101 and now Anyconnect rejecting SSL

Hi guys, we updated our ASA 5520 to 9.1(7)23 last night and everything looked good. But this morning we are getting reports of users not able to VPN in. We have been able to isolate the problem to Windows PC's, (Our testing last night was with people who all happened to have Apple devices) that have home firewalls that do SSL inspection. Getting the users to add SSL exceptions into their firewalls fixes it, but isn't very feasible given our scale and technical aptitude of our remote employees. Anyone else had this weirdness after patching, and if so any other workarounds?



No comments:

Post a Comment