Meraki

Community

Cisco Secure Client cannot establish a connection

MFG
Comes here often
‎Sep 19 2024 7:42 AM
‎Sep 19 2024 7:42 AM

Cisco Secure Client cannot establish a connection

When trying to connect using the latest version of Cisco Secure Client to our MX appliance, some clients using Windows 11 will successfully authenticate to the VPN using A/D credentials, however, they get an error 

 

The certificate on the secure gateway is invalid.  A VPN connection could not be establishted

followed by

Cisco Secure Client was not able to establish a connection to the specified secure gateway

 

I have exported the Windows A/D server certificate and imported it to the local cert manager on the client. 

 

I am assuming the secure gateway is the Windows A/D server, but am not sure.  We are using Windows Server 2022 Standard.  

 

I do see some errors on the A/D server relating to TLS.  It appears to be enabled based on the gpedit.   I do not think SSL is enabled on the server but not sure if that is a requirement.

 

What other things can I check?

Labels:
0 Kudos
2 Replies 2
MFG
Comes here often
‎Sep 19 2024 7:47 AM
‎Sep 19 2024 7:47 AM

The other thing is it isn't all clients.   The majority are connecting without any issue

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Sep 20 2024 2:58 PM
‎Sep 20 2024 2:58 PM

>The certificate on the secure gateway is invalid.

 

Are you using the AnyConnect auto-generate certificate on the MX.  If so, are you connecting to the dynamic DNS name?  If not, you'll get this error.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.