Macos Cisco Anyconnect No Valid Certificates Available For Authentication

 

Can someone help? I did a clean installation of the system, started from scratch.

Macos Cisco Anyconnect No Valid Certificates Available For Authentication

I installed Safenet Authentication Client version 10.2.97.0.

Cisco Anyconnect version 4.8.02042.


After inserting the token Safenet detects it correctly. I can see all the certificates.

Then i try some commands:


Posted by Jack Jul 19 th, 2013 anyconnect, cisco, tips, troubleshooting. Podcast A podcast exploring true stories from the dark side of the Internet. Subscribe to the TunnelsUp mailing list and get tips, early access to. Next is to check Anyconnect profile for this machine. Now we need to go back into the connection profile and enable two-factor authentication using certificates. Go to Configuration Remote Access VPN Network (Client) Access AnyConnect Connection Profiles. Edit the profile you just created. Under Authentication section choose 'Both'. Cisco AnyConnect v4.2 - No Valid Certificates Available for Authentication Pulling my hair out on this one - user with Windows 10 v1607 (build 14393.693) and Cisco AnyConnect v4.2.04039. Originally, worked fine with two remote sites. AnyConnect No valid certificates available for authentication Hi, We are using Cisco Anyconnect 3.0.0629 with certificate authentication (stored in Aladdin eToken) Most of users have no problem and it works fine. When one user tried to connect, he got a lot of errors 'No valid certificates available for au.

security list-smartcards

No smartcards found. (this is the problem?)

Certificate


sc_auth identities (this works fine)

SmartCard: com.gemalto.Gemalto-Smart-Card-Token.PKCS11-Token:024d6624

and 2 unpaired certyficates...


Message from cisco: no valid certificates available for authentication.



Why after clean install i got the same error No smartcards found?


For everyone at work works fine, MacOs correctly detects Smartcard. Where is the problem?


My setup:

MacBook Pro 15-inch, 2017

Catalina 10.15.3


Mar 18, 2020 5:16 AM

Cisco AnyConnect is the recommended VPN client for Mac. The built-in VPN client for Mac is another option but is more likely to suffer from disconnects.

Overview

Stanford's VPN allows you to connect to Stanford's network as if you were on campus, making access to restricted services possible. To connect to the VPN from your Mac you need to install the Cisco AnyConnect VPN client.

Two types of VPN are available:

  • Default Stanford (split-tunnel). When using Stanford's VPN from home, we generally recommend using the Default Stanford split-tunnel VPN. This routes and encrypts all traffic going to Stanford sites and systems through the Stanford network as if you were on campus. All non-Stanford traffic proceeds to its destination directly.
  • Full Traffic (non-split-tunnel). This encrypts all internet traffic from your computer but may inadvertently block you from using resources on your local network, such as a networked printer at home. If you are traveling or using wi-fi in an untrusted location like a coffee shop or hotel, you may wish to encrypt all of your internet traffic through the Full Traffic non-split-tunnel VPN to provide an additional layer of security.

You can select the type of VPN you want to use each time you connect.

Install the VPN client

Certificates
  1. Download the Cisco AnyConnect installer for Mac.
  2. Double-click the InstallAnyConnect.pkg file to start the Cisco AnyConnect Installer wizard.
  3. When the Welcome window displays, click Continue.
  4. Select your hard drive as the destination where you want to install Cisco AnyConnect and then click Continue.
  5. Click Install to perform a standard installation of the software.
  6. At the prompt, enter your administrator account password for the Mac and click Install Software.
  7. When the software has finished installing, click Close.

Connect to the Stanford VPN

Cisco Anyconnect Certificate Installation

  1. To launch the VPN client, open your Applications folder and navigate to Cisco > Cisco AnyConnect Secure Mobility Client.app.
  2. When prompted for a VPN, enter su-vpn.stanford.edu and then click Connect.
  3. Enter the following information and then click OK:
    • Group: select Default Stanford split- tunnel (non-Stanford traffic flows normally on an unencrypted internet connection) or Full Traffic non-split-tunnel (all internet traffic flows through the VPN connection)
    • Username: your SUNet ID
    • Password: your SUNet ID password

  4. Next, the prompt for two-step authentication displays.
    • Enter a passcode or enter the number that corresponds to another option(in this example, enter 1 to authenticate using Duo Push on an iPad). You may have to scroll down the list to see all of your options. Then click Continue.
    • If your only registered authentication method is printed list, hardware token, or Google Authenticator, the menu does not display. Enter a passcode in the Answer field and click Continue.
  5. Click Accept to connect to the Stanford Public VPN service.
  6. Once the VPN connection is established, the Cisco AnyConnect icon with a small lock appears in the dock.

Cisco Anyconnect Certificate Validation Failure

Disconnect from the Stanford VPN

  1. Click the Cisco AnyConnect icon with a small lock.
  2. At the prompt, click Disconnect.