AnyConnect Issue

Hello and thanks in advance.

I have the following issue, I just configured AnyConnect on our firewall, and it works for Mac, but not for Windows.
I have no issues connecting Mac Clients, but when it comes to Windows I get this (see the screen shots) And I have done it with and without Antivirus and local fwalls enabled.

Any ideas?
1st error2
Your help will be appreciated.
Katrach0System AdminAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Pete LongTechnical ConsultantCommented:
Do you have a windows and mac image loaded?


Type help or '?' for a list of available commands.
Petes-ASA> en
Password: ********
Petes-ASA# show run webvpn
webvpn
 enable outside
 anyconnect image disk0:/anyconnect-macosx-i386-4.0.00061-k9.pkg 1
 anyconnect image disk0:/anyconnect-win-4.0.00061-k9.pkg 2
 anyconnect enable
 tunnel-group-list enable
Petes-ASA#
0
btanExec ConsultantCommented:
i noticed in notes
To start AnyConnect with WebLaunch, you must use the 32-bit version of Firefox 3.0+ and enable ActiveX or install Sun JRE 1.4+.
http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect31/release/notes/anyconnect31rn.html#pgfId-44076
Q. Does AnyConnect require any Java and Permissions?

A. The AnyConnect client requires either ActiveX or Java to use the web-based connection/install. For ActiveX, the user will need to have permission to install into their web browser (or it can be pre-installed). If ActiveX is not supported or used, Java is attempted. Java Runtime Environment version can 1.4.x and above is required. The Java implementation is an applet and is browser-based (no download).

On the first connection, the ActiveX/Java would be used to install the AnyConnect client software. This requires administrative rights. Subsequent connections do not require admin rights (even for client upgrades). The client has a standalone installer for cases where admin privileges are not granted to the user.
https://supportforums.cisco.com/document/7651/anyconnect-vpn-client-faq#Q._Does_AnyConnect_require_any_Java_and_Permissions
Internet Explorer, Java 7, and AnyConnect 3.1.1 Interoperability

Supported versions of Internet Explorer stop working when the user attempts to connect to the ASA, when Java 7 is installed on the endpoint, when Host Scan is installed and enabled on the ASA, and when AnyConnect 3.1.1 is installed and enabled on the ASA.
This does not happen when Active X or earlier versions of Java 7 are installed. To avoid this, use a supported version of Java on the endpoint that is earlier than Java 7.
Refer to the Bug Toolkit and defect CSCuc48299 to verify.
http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect31/release/notes/anyconnect31rn.html#77383
http://www.cisco.com/c/en/us/support/docs/security/hostscan/117097-trouble-java7-00.html#anc6
Q. Is AnyConnect weblaunch installation supported on 64-bit browsers (IE - Internet Explorer)?

A. AnyConnect installation via weblaunch is not supported on 64-bit IE browsers.
https://supportforums.cisco.com/document/7651/anyconnect-vpn-client-faq#Q._Is_AnyConnect_weblaunch_installation_supported_on_64-bit_browsers_IE_-_Internet_Explorer
0
Katrach0System AdminAuthor Commented:
When I run the command this is what I get:

asa# sh run webvpn
webvpn
 enable outside_primary
 svc image disk0:/anyconnect-win-3.1.08009-k9.pkg 1
 svc image disk0:/anyconnect-macosx-i386-3.1.08009-k9.pkg 2
 svc enable
 tunnel-group-list enable
 tunnel-group-preference group-url
asa#
0
Katrach0System AdminAuthor Commented:
This Fixed it.
Adding the following algorithms fixed the problem I was having:
AES256-SHA1
AES128-SHA1
3DES-SHA1


Thanks for all your help IT's, but this fixed it for me.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Katrach0System AdminAuthor Commented:
It's working as it should.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.