MITA End-User VPN Troubleshooting Guide

Similar documents
SSL VPN Service. Once you have installed the AnyConnect Secure Mobility Client, this document is available by clicking on the Help icon on the client.

MITA VPN Client Software Installation Guide

Windows and MAC User Handbook Remote and Secure Connection Version /19/2013. User Handbook

Network Connect Installation and Usage Guide

Table of Contents. FleetSoft Installation Guide

SSL VPN Support Guide

Microsoft Windows Installation and Troubleshooting Guide

Sophos UTM. Remote Access via PPTP Configuring Remote Client

WestermoConnect User Guide. VPNeFree Service

new Business Online Technical Troubleshooting Guide

Contents. VPN Instructions. VPN Instructions... 1

MultiSite Manager. Setup Guide

Florida Atlantic University VPN Client Installation Guide

Aventail Connect Client with Smart Tunneling

Installing the Cisco AnyConnect YSU VPN Client Windows XP or later

SGUL VPN Connection Guide for Windows 10

IIS, FTP Server and Windows

CA VPN Client. User Guide for Windows

Microsoft Office 365 with MailDefender

VPN: Using WebVPN SSL Client This document outlines the process for using the WebVPN SSL with Internet Explorer and Firefox

MultiSite Manager. Setup Guide

Tufts VPN Client User Guide for Windows

If you are unable to set up your Linksys Router by using one of the above options, use the steps below to manually configure your router.

Configuring Devices for Use with Cisco Configuration Professional (CCP) 2.5

Troubleshooting Sprint Mobile Broadband USB Modem by Novatel Wireless TM (Ovation TM U727)

QUANTIFY INSTALLATION GUIDE

Allworx OfficeSafe Operations Guide Release 6.0

Resource Guide INSTALL AND CONNECT TO CISCO ANYCONNECT VPN CLIENT (FOR WINDOWS COMPUTERS)

Preparing the Computers for TCP/IP Networking

Print Server Application Guide. This guide applies to the following models.

VPN: Using the WebVPN SSL Client

How to Setup PPTP VPN Between a Windows PPTP Client and the DIR-130.

Using Remote Desktop with the Cisco AnyConnect VPN Client in Windows Vista

SSL VPN Support Guide

University of Central Florida UCF VPN User Guide UCF Service Desk

Magaya Software Installation Guide

Clientless SSL VPN Users

Outlook Profile Setup Guide Exchange 2010 Quick Start and Detailed Instructions

ThinPoint Quick Start Guide

ASUS WL-5XX Series Wireless Router Internet Configuration. User s Guide

Online Test Administrator Quick Reference Guide Updated 08/02/2012 v.2.0

UBC Digital Signage Service: CoolSign 5.0 Initial Set- up Guide

Vodafone PC SMS (Software version 4.7.1) User Manual

Quick Installation Guide

The initial set up takes a few steps, but then each time you want to connect it is just a two set process.

Quick Installation Guide

Iridium Extreme TM Satellite Phone. Data Services Manual

Installation. The product model shown in this QIG is TD-W8961ND, as an example.

Cox Managed CPE Services. RADIUS Authentication for AnyConnect VPN Version 1.3 [Draft]

Release Notes. Pre-Installation Recommendations... 1 Platform Compatibility... 1 Known Issues... 2 Resolved Issues... 2 Troubleshooting...

7 6.2 Windows Vista / Windows IP Address Syntax Mobile Port Windows Vista / Windows Apply Rules To Your Device

Allworx Installation Course

Using Device Discovery

WatchGuard Mobile User VPN Guide

WEBSERVER OPERATION MANUAL

Contents. Hardware Configuration Uninstalling Shortcuts Black...29

How to Connect to Remote Desktop & How to Use Cisco AnyConnect Secure Mobility Client Secure VPN Connection

Print Server Application Guide

LifeCyclePlus Version 1

Installation Instruction STATISTICA Enterprise Server

STATISTICA VERSION 10 STATISTICA ENTERPRISE SERVER INSTALLATION INSTRUCTIONS

Important Notes for WinConnect Server VS Software Installation:

Installing VPN for PC v1.3

Receiver Updater for Windows 4.0 and 3.x

Metasys System Direct Connection and Dial-Up Connection Application Note

Verizon Remote Access User Guide

STATISTICA VERSION 12 STATISTICA ENTERPRISE SMALL BUSINESS INSTALLATION INSTRUCTIONS

This guide provides all of the information necessary to connect to MoFo resources from outside of the office

USER GUIDE. Ethernet Configuration Guide (Lantronix) P/N: Rev 6

UCL Remote Access VPN Service Microsoft Windows XP User Guide

Remote Terminal Service (RTS) User Guide (Version 2.1)

SATO Network Interface Card Configuration Instructions

Setting up a Virtual Private Network (VPN) connection Windows 8

Wireless Router Setup Manual

REMOTE DESKTOP WEB PORTAL (RD Web) ACCESS GUIDE Updated 12/30/2013

STATISTICA VERSION 11 CONCURRENT NETWORK LICENSE WITH BORROWING INSTALLATION INSTRUCTIONS

client configuration guide. Business

Installation and Configuration of VPN Software

Configuring SSL VPN on the Cisco ISA500 Security Appliance

Remote Access Portal (RAP) Installation and User Guide

WiFi Internet Access. Windows XP Setup Instructions. Please Return After Use. Produced Oct 2010

DOE VPN Client Installation and Setup Guide March 2011

User Manual. 3CX VOIP client / Soft phone Version 6.0

Option nv, Gaston Geenslaan 14, B-3001 Leuven Tel Fax Page 1 of 14

Remote Access Services Microsoft Windows - Installation Guide

ADSL Router Quick Installation Guide Revised, edited and illustrated by Neo

a) Network connection problems (check these for existing installations)

McAfee SMC Installation Guide 5.7. Security Management Center

Campus VPN. Version 1.0 September 22, 2008

Connecting to LRDC Fileserver Remotely Using Windows Vista/7 & SRemote VPN

WebSpy Vantage Ultimate 2.2 Web Module Administrators Guide

FI8910W Quick Installation Guide. Indoor MJPEG Pan/Tilt Wireless IP Camera

Remote Desktop Instructions for the Remote PC Running Windows Vista

VPN AND CITRIX INSTALLATION GUIDE

Cisco Clientless VPN Installation and Troubleshooting Tips

Mercy s Remote Access Instructions

Troubleshooting File and Printer Sharing in Microsoft Windows XP

How to Configure Outlook Client for Exchange

Deploying BitDefender Client Security and BitDefender Windows Server Solutions

Installation Instruction STATISTICA Enterprise Small Business

Transcription:

01. Introduction MITA VPN users can be assigned one of two types of profiles Client-Based or Web-Based, depending on the type of access required. When logging on to the MITA VPN Portal https://vpn.secure.gov.mt, the user s type of profile will be detected automatically. If the account is based on a web interface, the user will be directed to the VPN s web interface, while if the user s account is based on the client software, the installation will be triggered automatically. The setup will detect the Operating System and install the appropriate VPN Client Software version. Java and/or ActiveX might be required. Alternatively, the MITA VPN Software can be downloaded from http://vpn.mita.gov.mt. This document provides brief descriptions (and screenshots) of the errors that might be encountered when using Cisco AnyConnect software, and how to proceed in solving the issue. Error The exact error wording given by the software Cause What might be causing the issue Solution Suggested action to solve the issue The easiest way look for a specific error is by using the Search function of the document (Ctrl + F), and type part or the entire message appearing in the Error dialogue box. 02. Error Details for MITA VPN Cisco AnyConnect Client Software 02.1 Error: AnyConnect is not enabled on the VPN server Cause: The VPN Account is associated with a profile which existed prior to the VPN migration project. Solution: The user should contact MITA Service Call Centre, so that the Networks Team associates the VPN account with a profile which was created on the new VPN setup. Security Classification: Unclassified 1 of 15

02.2 Error: Login Failed Cause: Incorrect credentials are being inserted or the Security Token status is invalid. Solution: Confirm that the correct credentials are being inserted: o Username in the Username field (no CORP\) o CORP Password (case sensitive and no spaces) + Number on the Security Token in the Password field If the error persists, contact MITA Service Call Centre to check the Security Token status. 02.3 Error: Connection attempt failed Cause: Incorrect credentials are being inserted, or the Security Token status is invalid. Solution: Confirm that the correct credentials are being inserted: o Username in the Username field (no CORP\) o CORP Password (case sensitive and no spaces) + Number on the Security Token in the Password field If the error persists, contact MITA Service Call Centre to check the Security Token status. 2 of 15

02.4 Error: 1 st Dialogue Box - The Secure Gateway has rejected the connection attempt. A new connection attempt to the same or another secure gateway is needed, which requires re-authentication. The following message was received from the secure gateway: Host or network is 0 2 nd Dialogue Box - AnyConnect was not able to establish a connection to the specified secure gateway. Please try connecting again. Cause: The user s workstation was assigned an invalid IP while trying to connect to the VPN. The IP is either duplicate or empty. Solution: The user shall try to connect to the VPN again. If the error persists, contact MITA Service Call Centre and quote the error given. 3 of 15

02.5 Error: The VPN connection is not allowed via a local proxy. This can be changed through AnyConnect profile settings. Cause: AnyConnect prevented the use of a local proxy to establish a VPN Connection. Solution: Remove the local proxy settings and try a new VPN connection. The proxy settings in Internet Explorer can be changed as follows: 1. Click the Tools button, and then click Internet Options. 2. Click the Connections tab, and then click LAN settings. 3. Deselect the Use a proxy server for your LAN check box. 4. Select the Automatically detect settings check box. 5. When finished making changes, click OK until you return to Internet Explorer. Solution 2: Disable any Anti-Virus or Internet Security Software prior to connecting to VPN. Software known to cause such error is Kaspersky Anti-Virus and Internet Security. 4 of 15

02.6 Error: 1 st Dialogue Box - The VPN client driver has encountered an error. 2nd Dialogue Box - AnyConnect was not able to establish a connection to the specified secure gateway. Please try connecting again. Cause: Cisco AnyConnect software was corrupted during installation, either because an error occurred during the installation or because it was interrupted while being installed. This error might also be caused due to Cisco bug (ID CSCsm54689) or a recent Microsoft update to the certclass.inf file. Solution: Make sure that Routing and Remote Access Service is disabled before starting AnyConnect. If this does not resolve the issue, complete the following steps: 1. Open a command prompt as an Administrator on the PC (elevated prompt on Vista). 2. Run net stop CryptSvc. 3. Run esentutl /p %systemroot%\system32\catroot2\{f750e6c3 38EE 11D1 85E5 00C04FC295EE}\catdb 4. When prompted, choose OK to attempt the repair. 5. Exit the command prompt. 6. Reboot workstation. If repair fails, complete the following steps: 1. Open a command prompt as an Administrator on the PC (elevated prompt on Vista). 2. Run net stop CryptSvc. 3. Rename the %WINDIR%\system32\catroot2 to catroot2_old directory. 4. Exit the command prompt. 5. Reboot. One can analyze the database at any time in order to determine if it is valid. 1. Open a command prompt as an Admimistrator on the PC. 2. Run esentutl /g %systemroot%\system32\catroot2\{f750e6c3 38EE 11D1 85E5 00C04FC295EE}\catdb 3. Refer to System Catalog Database Integrity for more information. 5 of 15

02.7 Error: Could not connect to server. Please verify Internet connectivity and server address. Cause: The user s workstation has one of the following: No internet connection Multi-network connectivity (eg. connected to a WiFi network and via UTP simultaneously) Government Network (at work) SOHO Router (Router provided by MITA at the user s home) Solution: Connect the workstation to a proper internet connection, such as a MITA Fast Remote connection or private Internet connection. If connected to the Government Network or a SOHO Router, the VPN account is not required. If using a laptop and it is connected via a network cable, make sure that its Wireless Network Card is disabled / switched off. This can be done in different ways, depending on the model. 6 of 15

02.8 Error: AnyConnect was not able to establish a connection to the specified secure gateway. Please try connecting again. Cause: DNS Failure Bridged connections (Wired and Wireless) Solution: Insert IP 217.71.180.126 instead of vpn.secure.gov.mt, and click Connect If the above does not work, try to resolve vpn.secure.gov.mt in Command Prompt 1. Click on Start, and select Run 2. Type cmd, and click OK 3. Type nslookup vpn.secure.gov.mt 4. The following should appear: Name: vpn.secure.gov.mt Address: 217.71.180.126 Connect only to one type of connection. If using a laptop and it is connected via a network cable, make sure that its Wireless Network Card is disabled / switched off. This can be done in different ways, depending on the model. If the above steps do not work, power-cycle the Modem or contact ISP. 7 of 15

02.9 Error: The VPN client agent was unable to create the interprocess communication depot. Cause: Internet Connection Sharing (ICS) is enabled. Solution: Disable Internet Connection Sharing for Windows Vista and Windows 7 by completing the following steps: 1. Open Network Connections by clicking the Start button, clicking Control Panel, clicking Network and Internet, clicking Network and Sharing Center, and then clicking Manage Network Connections. 2. Right-click the Shared Network Connection, and then click Properties. If prompted for an administrator password or confirmation, type the password or provide confirmation by clicking Continue. 3. Click the Sharing tab, clear the Allow other network users to connect through this computer's Internet connection check box, and then click OK. 02.10 Symptoms: User connects to VPN using Cisco AnyConnect, however the access to certain services such as File Sharing or specific applications is slow or not permitted. Cause: If connected to a Melita Private connection using a wireless modem (provided by Melita), a number of services / ports are blocked by the firewall on the wireless modem Solution: Contact Melita / modify the Wireless modem settings as follows: o Firewall TAB Disable: IP Flood Detection Disable: Firewall Protection o Advanced TAB Enable: IPSEC pass-through Enable: PPTP pass-through 8 of 15

02.11 Error: Failed to initialize connection subsystem. Cause: The latest Windows Operating System (such as Windows 8.1) is incompatible. Solution: 1. Go to the Start Screen of Windows 8.1 and search for the Cisco AnyConnect Secure Mobility Client icon (or just type it on the Start Screen). 2. Right click the icon and select Open File Location. 9 of 15

3. Right click the Cisco AnyConnect Secure Mobility Client (Shortcut) and select Properties. 4. Click on Compatibility tab 5. Tick Run this program in compatibility mode for: and select Windows 8. 6. Click OK. 7. Restart the workstation and try connecting again. 10 of 15

02.12 Producing a DART (Diagnostic AnyConnect Reporting Tool) Bundle Sometimes certain troubleshooting is more difficult to perform and a DART Bundle will be required, in order to analyse the root cause of the problem, based on the logs recorded from the user s Workstation. The DART Software is automatically installed when a user logs on to MITA VPN for the first time using Cisco AnyConnect. It is important not to interrupt any installations or updates which are triggered automatically by the VPN software. Reference: http://www.cisco.com/en/us/docs/security/vpn_client/anyconnect/anyconnect30/administration/guide/ac12managemonitortbs.ht ml#wp1058628 02.12.1 Running DART on Windows To run the DART wizard and create a DART bundle for Windows, follow these steps (screenshots provided below): 1. Open Cisco AnyConnect and click Advanced. 2. Click the Statistics tab and then click the Diagnostics button at the top of the dialog box. 3. Click Next at the Welcome screen. 4. In the Bundle Creation Options area, select Default. The Default option includes the typical log files and diagnostic information, such as the AnyConnect and Cisco Secure Desktop log files, general information about the computer, and a summary of what DART did and did not do. 5. By clicking Next at the bottom of the dialog box, DART immediately begins creating the bundle. This process might takes a few minutes wait until it finishes. 6. Click Finish after DART finishes creating the bundle. The default name for the bundle is DARTBundle.zip, and by default it is saved to Desktop. 7. The zip file can be sent by email to MITA Service Call Centre or Team for further diagnoses. Step 1 11 of 15

Step 2 Step 3 12 of 15

Steps 4 & 5 Step 6 Zip File created on Desktop 13 of 15

03. Error Details for MITA VPN Portal - WebVPN 03.1 Error: properjavardp error Connection Exeption Wrong Modulus size! Expected64+8got:264 Cause: Java does not support a Remote Desktop connection to 64-bit Operating Systems. ActiveX might be disabled. The user might not have Administrator privileges. Solution: If connected to the VPN portal and trying to connect to a 64-bit Operating System through RDP, ActiveX has to be enabled while Administrative privileges are required during the initial installation. Mozilla Firefox browser probably will not work at all. It is suggested that in this case Internet Explorer is used. 14 of 15

04. Modification History Version Date Author Comments Draft 0.1 01/06/2011 Draft version for internal review Version 1.0 27/09/2012 First version for release Version 1.2 17/02/2015 Updates related to method of Authentication and Compatibility 05. Authorisation Issuing Authority Approval Authority Signature and Date: Signature and Date: Name: Position: Name: Position: Stefan Briffa Networks Manager 15 of 15

2024 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information