Chris 6:23 am on February 11, 2015
Tags: 1324, 14312, 1663, 19254, 2585, 29603, 31988, 31989, 752

Cisco AnyConnect “Failed to initialize connection subsystem”

Update 3/11/2015 11:31 CST:

Microsoft has included the fix for AnyConnect and Windows 8.1 in the 3/10/2015 Windows Update. See KB #3040335

Update 2/16/2015 16:11 CST:

Per Cisco: Microsoft has released a fix-it patch providing a workaround for this issue. See KB# 3023607

When you visit the KB page, it appears you have to scroll down to the “Microsoft Fix It” button and install the AppCompat shim which is Microsoft Fix it 51033. This is a bit confusing, so be sure to click that button.

Microsoft is planning to include the fix with the Microsoft March Patch Tuesday release (subject to change)

I run Windows 8.1 and run Cisco AnyConnect Secure Mobility Client version 3.1.03103 to access a VPN.

Today, after I hit connect, it stopped working out of the blue with the error:

Failed to initialize connection subsystem

Thanks to ‘I Think – Therefore “IBM I”‘ blog I was able to quickly resolve the issue. I’m assuming this had to do with a recent Windows Update. Here’s the final solution:

Close the Cisco AnyConnect Window and the taskbar mini-icon
Right click vpnui.exe in the “Cisco AnyConnect Secure Mobility Client” folder. (I have it in “C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\”
Click on the “Run compatibility troubleshooter” button
Choose “Try recommended settings”.
The wizard suggests Windows 8 compatibility.
Click “Test Program”. This will open the program.
Close
Some people may need to repeat the above steps for vpnagent.exe. That is the local service that supports the client user interface.

If you use group policies, Kim commented using the following for Windows 7 mode:

Make a GPO that added this key:

HKEY_LOCAL_MACHINE
SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
Valuename : C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
Valuedata : ~ WIN7RTM

Update 2/11/2015 13:52 CST:

Cisco has notified me that they have escalated this issue to Microsoft for investigation.

This issue was introduced by KB# 3023607: Secure Channel cumulative update changes TLS protocol renegotiation and fallback behavior (https://support.microsoft.com/kb/3023607)

Included with Microsoft Security Bulletin MS15-009 – Critical Security Update for Internet Explorer (3034682)

This issue should also affect Windows 7 user with IE 11, but no reports of failure have been seen yet.

Update 2/12/2015 10:22 CST:

Cisco recommends that all customers open their own cases with Microsoft since the ultimate fix will need to come from them. You can feel free to reference Cisco’s case #115021112390273 in order to expedite having your ticket properly triaged by their support team. source

#1324, #14312, #1663, #19254, #2585, #29603, #31988, #31989, #752

Levan 11:22 am on February 11, 2015

Thanks a lot. Run into this issue after yesterday’s Windows 8.1 updates. Your solution worked flawlessly!

NOTE to others (just in case):
on step 3 click on the “Run compatibility troubleshooter” button…
- Oldsoldier 4:17 pm on February 13, 2015
  
  What a lifesaver!!! I ran into this also (and I work for Cisco)!!
- Mark 3:34 pm on February 17, 2015
  
  Thank you. Worked for me. Had to right-click and exit the Cisco app from the Windows tray/bottom right on task bar though.
- kushal 6:22 pm on February 19, 2015
  
  still not working i followed the same steps,i get windows 7 in the recommended settings don’t know why ..need help please
  - the geek 11:18 pm on February 24, 2015
    
    adding the windows registry entry worked for me (windows 7) but my path is different than mentioned so i adjusted accordingly (C:\Program Files (x86)\Cisco\Cisco AnyConnect VPN Client\vpnui.exe)
  - Haseeb 7:29 pm on March 6, 2015
    
    Use the microsoft fixit as given below then run the app in compatibility mode.
tyy 2:01 pm on February 11, 2015

Yes, this was due to latest WIndows 8.1 update. I just verified with an other computer that this was the case.

Thanks for the solution!
James 2:27 pm on February 11, 2015

Thank you SO much! Was freaking out about this as I tried to log in the company’s VPN this morning after a big Windows update. You saved me a lot of wasted time. Much appreciated! -James
evan nguyen 5:05 pm on February 11, 2015

Chris T. – thanks for this information. it worked for me with Windows 8.1.
KCS 7:29 pm on February 11, 2015

You are a genius! Thank you so much for being so smart and sharing this information.
veraperezp 8:19 pm on February 11, 2015

This issue just hit me right after I did the 8.1 updates, thank you so much!
Trevor 8:25 pm on February 11, 2015

Chris – do you know which KB is the problem one?
- Chris 8:37 pm on February 11, 2015
  
  3023607 – please see update in post
  - Stan 5:19 am on February 17, 2015
    
    Chris, Thanx I have been updating groupuser key unsinstalling ie reinstalling upgrading to version 12 and at last have found a fix in your article…
George N 8:41 pm on February 11, 2015

I have over 200 users this will potentially affect. Does anyone know of a way to push this fix to a group? I didn’t see anything via Group Policy.
Burley 9:56 pm on February 11, 2015

Hi Chris, Thanks for the post. The only way I was able to get my system to work (Windows 8.1 Pro) (cisco anyconnect 3.1.05170) was to uninstall update 3023607. That worked thankfully.
- Tracy 8:12 pm on February 14, 2015
  
  Uninstalling the update worked like a charm! Thanks so much Burley!
Shannon 11:48 pm on February 11, 2015

Didn’t work for me! Help!!
MRK 1:47 am on February 12, 2015

Tried this fix multiple times but it didn’t work. Any other ideas?
- Chris 2:03 pm on February 12, 2015
  
  Try the regedit fix located in the link to the other blog.
MRK 1:51 am on February 12, 2015

I’m in a Chat with tech support for site I’m trying to connect to and the gentleman is telling me I need to run REGEDIT. I don’t know what this is. Is that a good idea?
- Chris 2:03 pm on February 12, 2015
  
  Follow the link to the other blog in the article. There are instructions there.
Ivan Histand (@iHistand) 4:17 am on February 12, 2015

Chris, thanks for the info. Unfortunately your fix didn’t work for me, however your note about the 3023607 update did help, I uninstalled that and turned off automatic updates and the problem is solved, at least temporarily. Thanks much!
guilintracy 6:11 am on February 12, 2015

Thanks! I met this problem since I updated the win 8 last night (Feb 11). Your post is just in time!
Mads 8:28 am on February 12, 2015

Uninstalled KB3023607 and now it’s working again – Thanks alot!
- Lihlu_mile 6:46 am on February 13, 2015
  
  Hi, after uninstalling all the updates from from the 11th it worked. Not sure which one but hey, at least that works..
  - Chris 2:54 pm on February 13, 2015
    
    Glad it got working for you. You can not the KB# in the article which corresponds to the Windows Update. The vast majority of Windows Updates are a good thing to install.
Kim 9:26 am on February 12, 2015

Did any of you find a central solution?
The Windows7 compatibility mode works, but how do we change this on hundreds of users computers?
I tried to uninstall the update KB3023607
Also tried to add the reg-key current_user\software\microsoft\windows\currentversion\Internet Settings…. GlobalUserOffline=1
None of these 2 works…… Nice if any of you found a regkey, that was possibly to add/change in GPO…
- Chris 2:01 pm on February 12, 2015
  
  Kim – did you restart after adding the reg key?
  - Kim 2:10 pm on February 12, 2015
    
    I found a quick solution. I made a GPO that added this key:
    Create:
    HKEY_LOCAL_MACHINE
    SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers
    Valuename : C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
    Valuedata : ~ WIN7RTM
    
    Now the cisco client runs in Win7-mode. It works.
Parameswari 10:12 am on February 12, 2015

issue is not fixed. when i cick “test program” its opening Cisco AnyConnect Secure Mobility Client.clickng on connect same issue occuring “Failed to Initialize connection subsystem”.can you please suggest me.
Jiri 10:27 am on February 12, 2015

Unfortunately in my 3.0.07059 there is no Windows 8.0 compatibility at all…
- Abhijeet 3:54 pm on February 12, 2015
  
  Right click on the vpnui.exe and select Properties->Compatibility. Select “Run this program for compatibility mode for: Windows 8”. Also, do the same for vpnagent.exe.
Liam 10:35 am on February 12, 2015

Thanks Chris. I’ve been removing KB3023607 on 8.1 machines once I identified it as the culprit. All our W7 32-bit machines are fine so far, regardless of IE9, 10 or 11.
Any feedback yet from Cisco/Microsoft? I like to have everyone patched, but may also have to plan for tweaking AnyConnect on lots of 8.1 machines.
Kimberly Palocsay 12:33 pm on February 12, 2015

Thank you. The tech support at Job #1 used the solution of uninstalling windows updates and then hiding the updates. Seems like a bandaid to me. Job #2 as Tech support agent requires windows auto update to be on, so the bandaid fell off. Your solution solved the problem and eiliminated the need for bandaids!
Adam 1:27 pm on February 12, 2015

Same issue here after Win 8.1 update 10 Feb, resolved as above. Thanks a lot for posting the resolution, Chris.
Robbert 1:39 pm on February 12, 2015

Thanks Chris.
Great help for me and me colleague.
Also in the Netherlands…
Vicki N. (@nvictta) 2:02 pm on February 12, 2015

Still having this problem even after testing the program. Any other way around it?
- Kimberly Palocsay 8:34 pm on February 12, 2015
  
  Make sure you have closed the program completely. Even right click the icon in the notification area and exit. We are finding that many skip that step, causingthe fix not to work.
  - Frogeye 1:09 pm on March 7, 2015
    
    I used the trouble shooter to set both vpnui.exe and vpagent to recommened settings for windows 8, but it wasn’t working. After I right-clicked on the icon in the notification area and quit the program it started working again. Thanks Chris & Kimberly!
veraperezp 2:14 pm on February 12, 2015

Chris, at least for my 8.1 the compatibility check was enough, I had no need to either block the kb patch or make a registry edit. About 18 straight hours running smoothly plus we’ll know what to do as the rest of our laptops pick up the update, thanks again for this.
- Christian 3:36 pm on February 12, 2015
  
  Additionally I had to stop the service called”Cisco AnyConnect Secure Mobility Agent” in step 1 and start again before testing in step 6. Only that way it worked for me.
Jaja 2:56 pm on February 12, 2015

thank you work fine for me. Be sure to have “Quit” the program before applying the setting proposed by the Trouble shooter wizard.
jiff 3:30 pm on February 12, 2015

it worked!!! thanks a lot, before searching, i tried to reinstall, system restore, but nothing worked.
Liam 4:09 pm on February 12, 2015

Cisco have apparently opened a Priority1 case with Microsoft about this: https://supportforums.cisco.com/discussion/12423591/latest-microsoft-feb-2015-patch-breaks-anyconnect-smc#comment-10269146
Codepenguin 4:47 pm on February 12, 2015

The fastest solution for me was to right click vpnui.exe, click the Compatibilty Tab and Run in Compatiblity for Windows 7.

I can also confirm that it broke after applying Windows 8.1 updates this morning.
afiat 5:25 pm on February 12, 2015

I changed vpnui into window 7 compatibility, and it works. First of all, close from vpn anyconnect, then go to vpnui in windows explorer, just right click on vpnui –> click properties –> click “compatibility” –> change run compatibility from windows 8 to windows 7 –> apply–> OK
- hiksmoeda 2:14 am on February 13, 2015
  
  I changed vpnui into window 7 compatibility, and it works.
  
  Thanks afiat
Jeff B 5:32 pm on February 12, 2015

Before this, I attempted to Repair and Reinstall using the Cisco installer and neither worked, FYI. The Compatibility check got it done for me on Win 8.1 PRO, with Cisco Anyconnect 3.0.07059
- Darius 3:39 pm on February 13, 2015
  
  Windows 8.1 x64 Enterprise and AnyConnect 4.0
  
  We ended up using a cmd file to merge reg key (contents of both below).
  
  @ECHO OFF
  
  REM This will Stop VPNAGENT
  net stop “Cisco AnyConnect Secure Mobility Agent”
  
  REM Insert Registry Keys
  regedit.exe /s “.\WIN8FixVPN_21215.reg”
  
  REM This will start VPNAGENT again
  net start “Cisco AnyConnect Secure Mobility Agent”
  
  Windows Registry Editor Version 5.00
  
  [HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
  “C:\\Program Files (x86)\\Cisco\\Cisco AnyConnect Secure Mobility Client\\vpnui.exe”=”~ WIN7RTM”
  “C:\\Program Files (x86)\\Cisco\\Cisco AnyConnect Secure Mobility Client\\vpnagent.exe”=”~ WIN7RTM”
  
  [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]
  “C:\\Program Files (x86)\\Cisco\\Cisco AnyConnect Secure Mobility Client\\vpnui.exe”=”~ WIN7RTM”
  “C:\\Program Files (x86)\\Cisco\\Cisco AnyConnect Secure Mobility Client\\vpnagent.exe”=”~ WIN7RTM”
  
  Thank you all
  
  Darius
  - Jason Myrand 6:03 am on February 18, 2015
    
    Thanks for the info. The “Microsoft Fix it 51033 patch” worked for me on windows 8.1!
  - Gustavo 6:53 pm on March 10, 2015
    
    Thanks Chris, thanks a lot, it work perfectly on W 8.1!!!
SlyckVic 7:58 pm on February 12, 2015

This should work in a .reg file:
Windows Registry Editor Version 5.00

[HKEY_CURRENT_USER\Software\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Layers]

“C:\\Program Files (x86)\\Cisco\\Cisco AnyConnect Secure Mobility Client\\vpnui.exe”=”~ WIN8RTM”
Govind 10:26 pm on February 12, 2015

Uninstall that update KB3023607 will also solve the problem
jttrs 4:15 am on February 13, 2015

I rarely comment on the internet, but your post just saved me a lot of trouble. Thanks!
Catherine 4:45 am on February 13, 2015

The only thing that worked for me was uninstalling the update KB3023607.
S 9:47 am on February 13, 2015

Uninstalling the Windows update worked! Thanks internet for saving me!
stevenhb13 7:55 pm on February 13, 2015

So I uninstalled the update, changed compatibility mode to Windows 8 (and tried 7 using the reg keys suggested by Darius), added the GlobalUserOffline as a string with value 1, and rebooted (a few times) with no luck. Any other suggestions?

I’m running Windows 8.1 Pro and Cisco AnyConnect Secure Mobility Client 3.1.04072
MW 9:01 pm on February 13, 2015

I have windows 8.1 running with the KB3023607 update installed and have AnyConnect 4.0.00061 running without compatibility mode. I did not find the reason why that patch would break AnyConnect and enabling Windows 8 Compatibility Mode would fix that.
What I saw was that in the background access to the rasphone was blocked by McAfee Access Protection:
Blocked by Access Protection rule C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe C:\Users\***\AppData\Roaming\Microsoft\Network\Connections\Pbk\_hiddenPbk\rasphone.pbk Anti-virus Maximum Protection:Protect phonebook files from password and email address stealers Action blocked : Read

I disabled the on demand dialing via netsh:

First look at the current default settings:

C:\Windows\system32>netsh ras show type

Routing and Remote Access Server Properties
——————————————–
IPv4 Router : LAN and demand-dial routing
IPv6 Router : Not Enabled
IPv4 Remote Access Server : Enabled
IPv6 Remote Access Server : Not Enabled

To disable demand-dial routing:
netsh ras set type ipv4rtrtype = lanonly ipv6rtrtype = none rastype = none

That fixed the rasphone “dialing” and McAfee wouldn’t complain anymore.

But I still had a few occassions where the AnyConnect wouldn’t start, disabling autotuning seemed to fix that for me:

netsh interface tcp set global autotuninglevel=disabled
netsh interface tcp set global rss=disabled
netsh int tcp set global chimney=disabled

No issues after running those netsh commands, only when waking up the computer from sleep and trying to connect too fast will give the same error. Wait a couple of seconds and the connection succeeds.

What exactly is compatibility mode doing to fix this issue?
clepardris Lepard 2:04 am on February 14, 2015

well done. thank you for this. I did have to do the same on the vpnagent file as well… worked
Jessica 4:15 am on February 14, 2015

I tried your solution but didn’t work for me. Then I installed the following two optional updates, fixed the issue.

Update for Windows 8.1 for x64-based Systems (KB3013816)
Update for Windows 8.1 for x64-based Systems (KB3013769)
Vinny 4:04 pm on February 15, 2015

You can also work around this on the firewall side as not to inconvenience users. I’ve only had issues where SSLv3 was still enabled. I normally disable this on all my firewalls as it’s no longer secure. Configure your ASA to use TLS only:

ssl server-version tlsv1-only

Additionally, although I don’t think it’s required to fix this, I order the TLS ciphers as follows:

ssl encryption dhe-aes128-sha1 dhe-aes256-sha1 aes128-sha1 aes256-sha1 3des-sha1

Hope this helps others.
sy 3:01 pm on February 16, 2015

very helpful. Thank you. I had to do the troubleshoot with vpnui.exe and vpnagent.exe
glonner22 3:03 pm on February 16, 2015

This worked for me, thanks! I have an HP EliteBook Folio 9470m with Windows 8.1. Had to do the steps for both vpnui.exe and vpnagent.exe too.
glonner22 3:06 pm on February 16, 2015

Worked for me, thanks! I have Windows 8.1 and I had to do both steps for vpnui.exe and vpnagent.exe
Gebru 3:07 pm on February 16, 2015

I cannot find ”Run compatibility troubleshooter” after I right click vpnui.exe. Can you help me please to fix the problem. I am using windows 8.1.
Maddy 8:45 pm on February 16, 2015

if you don’t quit the cisco anytime connect from system tray before making the change it won’t work. Quit the program and make the change.
mastermindss 9:16 pm on February 16, 2015

Thanks. It worked with vpnui, though the compatibility mode suggested was Windows 7.
- Robi 3:38 pm on February 17, 2015
  
  Thanks Chris, it worked the same way for me. (WIN7 compatibility mode)
Chris 12:31 am on February 17, 2015

I have included an update in my blog article for a fix from Microsoft.
Alan Wade (@AlanWade8) 7:19 am on February 17, 2015

I used PureVPN connection and its work fine for me. Here is their services guide: http://www.purevpn.com/vpn-service/vpn-connection.php
Gerry 10:13 am on February 18, 2015

Hi Chris
Thanks a lot, it worked for me (on win8.1 & Server2012R2). 🙂
CM 1:56 am on February 19, 2015

Thank you! It worked however had to go through different tabs to find vpnui but eventually got there and proceeded to troubleshoot/fix the problem. I will stress that each time someone proceeds with “next”, you have to “Close the Cisco AnyConnect Window and the taskbar mini-icon” in order to “test”.
Mohit 7:21 am on February 19, 2015

Thanks, Worked for me on Window 8.1
Jonathan Slaven 2:39 pm on February 19, 2015

The fix-it patch doesn’t work but the compatibility troubleshoot seems to have fixed the problem.
Ken T. 5:51 pm on February 19, 2015

Thanks for the fix. It worked for me on Windows 8.1 PRO and Cisco AnyConnect Secure Mobility Client Version 3.1.05182
Joanne Pamer 8:35 pm on February 19, 2015

Thank you so much! I downloaded the Fix It patch and it worked for me on Windows 8.1.
Jessica Hudson 3:27 am on February 20, 2015

This thread saved my life! I have been trying to access my colleges online library all week through my VPN to no avail. Hopefully I can finish my paper on time! Thank you so much.
Luiz Carlos Wormsbecker 1:01 pm on February 21, 2015

I had this problem with Windows 8. After executing steps 1 thru 5, step 6 did not work. I think it was because the software was not stoped correcttly before execution of the steps…

I decided to RESTART my computer, and Cisco AnyConnect began to work again…

Best Regars
Sharon 1:19 pm on February 23, 2015

I still cannot get mine to work, I can get into the folder, but there isn’t a “Run compatibility troubleshooter” button 😦
- Steve Jurick 8:56 pm on February 23, 2015
  
  Sharon,
  
  1) Make sure there are no instances of the AnyConnect application (check Show Hidden Icons too)
  
  2) Navigate to here: https://support.microsoft.com/kb/3023607?wa=wsignin1.0
  
  3) Scroll down to near the bottom of the page and click on Microsoft Fix It (Install AppCompat shim)
  
  4) Restart PC and try AnyConnect again.
  
  Steve
Natalija 2:17 pm on February 24, 2015

Thank you so much for this fix. I’ve been trying to fix this for a whole week, ever since I made the update that was ‘important’ and ‘recommended’. I went as far as restoring my PC to a previous point in time. It work for a couple of days until I got to the same update again. And PC crashed again of course. Oddly enough it still works fine on desktop PC which has win7.
dave 12:39 pm on February 26, 2015

I let the compatibility wizard set it to Win 8.0 and it works a treat thanks!
MH 5:56 pm on February 26, 2015

Thank you; the microsoft patch worked on Windows 8.1. Note that the vpnui.exe didn’t contain the“Run compatibility troubleshooter” button you suggested using…I’m not sure if that’s just because my sys admin disabled that button or some other reason. Could you please provide a screenshot showing where that button should be located??
Diana 12:37 am on February 27, 2015

Thanks, your solution worked for me. Had to run Compatibility troubleshooter and set it to run as Windows 8 on my Windows 8.1 laptop.
Eddie 11:53 pm on February 27, 2015

The fix with the heading: “Update 2/16/2015 16:11 CST:” Worked like a charm for me on a Windows 8 tablet–it did require a reboot. I had tried other fixes I had found, but only this one worked–that is the KB# 3023607. Thanks so much for posting this fix! It was a life saver for me.
Michael 4:35 am on March 2, 2015

thank you! worked, i do have to repeat it though .. could it be country related? (i moved for few months, did not occure before i moved)
Jason 6:14 pm on March 2, 2015

Thank you so much! The Microsoft Fix-It patch did the trick.
LCC 1:08 pm on March 3, 2015

1-7 worked for me. Thanks.
Amanda Giles 2:19 pm on March 3, 2015

The Microsoft fix also worked for me. Thanks for the quick working solution. I’m very grateful.
pureabsolute 5:45 am on March 6, 2015

Thank you — the first link I clicked on, and it was a beautiful thing. One thing to keep in mind — for me, after trying and failing with the above error, the program still seemed to be running in the background — so it didn’t seem to work for me at first. But after I killed the process using task manager and ran it again, there was no problem. Again — THANK YOU!
Leszek 8:55 am on March 6, 2015

Hi, thank a lot. For me 1-7 steps solved my issue. 🙂
Aerowisp 11:31 am on March 6, 2015

Thank you. Compatibility solution above works
Jon Busenkell 5:10 pm on March 8, 2015

Thank YOU! Now I will see if I can glue some of my hair back in place.
Jorge Catalá 8:42 am on March 9, 2015

Thanks for the info. The “Microsoft Fix it 51033 pacth” worked for me on windows 8.1!!!. 😉
Jonathan Monestel 2:41 pm on March 9, 2015

Thank you very much. Windows 8.1 updates made the VPN to fail.
Noam Topaz 6:03 pm on March 10, 2015

This Worked for me too (Thank you very much!) – make sure to reboot after the installation
JohnM 1:21 am on March 11, 2015

Has this issue reappeared after a Windows Update released on 3/10/2015 for anyone else?
Naveed ALi 2:21 pm on March 12, 2015

try this… it works 100%.
you dont need to do setting every time after restarting.

http://www.auburn.edu/oit/news/article.php?id=383
- Chris 2:28 am on March 13, 2015
  
  Please checkout the update on top of the article. This workaround is no longer needed.
Marvin 6:51 pm on March 18, 2015

Since “Run compatibility troubleshooter” did not work for me (no program started, even if tried from Total Commander run as administrator) on my Win 81. 64 bit machine, I removed the update manually and the error message is gone. However, now I’m getting a

Connection attempt has timed out. Please verify Internet connectivity.

despite being able to open any websites in Firefox. Any suggestions? Thanks!
- Chris 7:40 pm on March 18, 2015
  
  Look at using the Microsoft patch included in the update at the top of this post.
  - Marvin 9:15 am on March 19, 2015
    
    After I’ve done this Windows Update mentioned new updates which I also installed. History says, latest updates are
    
    KB2919355
    KB3021952
    
    now I’m getting “login failed”, despite the password being 100% ok.
  - Marvin 12:37 pm on March 19, 2015
    
    It’s a server problem, as I’ve just found out. Login should be possible soon. Impeccable timing like always with these guys.
    
    And thanks for posting the fix, Chris.
Doug 1:46 am on March 29, 2015

About two weeks after I applied the FixIt patch, I started receiving BSOD shortly after establishing a connection. I just uninstalled “vpnui.exe custom database” from my Add/Remove Programs and now the BSOD has gone away. I am assuming that this was the FixIt patch I installed earlier so try that if you start having issues.
bost 7:32 am on April 10, 2015

Thank you. Worked for me on win8.1
Syed Shah 11:09 am on September 2, 2015

Your blog and tips have been life saver. I usually don’t leave comments, but this time I am forced to leave as I have consulted your blog for the VPN couple of times.
Jafar 12:29 pm on November 7, 2015

I had the similar problems after update of AnyConnect into version 4.2.00096
It failed to work after a first ping into remote host, or it worked only with one host, even after a minute it stopped to work completely, although I remained connected.
After a long testing I found the solution. I made one change into Network Adapter Settings.
Here is my solution:
http://jsoft.ws/index.php?key=Other%20ArticlesCisco%20AnyConnect%20in%20Windows%208