I have a user who is unable to log in using AnyConnect. Their screen hangs at the AnyConnect message: “Hostscan is waiting for the next scan”.
Looking at the logs on the ASA, I saw the following log:
Jun 25 2014 16:25:21: %ASA-3-716600: Rejected 266KB Hostscan data from IP <10.5.1.50>. Hostscan results exceed default limit of 200KB.
The syslog database says to increase the limit I need to contact Cisco TAC. So I did.
Cisco TAC gave me the following commands which fixed the issue:
Additional questions I asked Cisco, to which there was no answer:
- Why is this a secret command?
- My current Hostscan only checks one registry string. Why is it generating more than 200KB of data for this?
- Why is the default setting not good enough?
- Why is this only happening for some users?
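
To see which clients are affected and by how much, the 716600 messages can be pulled out of the ASA syslog and grouped per source IP. The script below is an added example, not part of the original post or anything supplied by Cisco; it assumes the message format of the single line quoted above, and every sample line other than that one is constructed.

```python
import re
from collections import defaultdict

# Format taken from the single 716600 line quoted in the post.
REJECT = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{4} \d{2}:\d{2}:\d{2}): %ASA-3-716600: "
    r"Rejected (?P<size>\d+)KB Hostscan data from IP <(?P<ip>[^>]+)>\. "
    r"Hostscan results exceed .*?limit of (?P<limit>\d+)KB"
)

# Constructed sample: the first line is the one from the post, the rest are made up.
SAMPLE_LOG = """\
Jun 25 2014 16:25:21: %ASA-3-716600: Rejected 266KB Hostscan data from IP <10.5.1.50>. Hostscan results exceed default limit of 200KB.
Jun 25 2014 16:26:03: %ASA-6-000000: unrelated constructed message
Jun 25 2014 16:40:10: %ASA-3-716600: Rejected 251KB Hostscan data from IP <10.5.1.50>. Hostscan results exceed default limit of 200KB.
Jun 26 2014 09:02:47: %ASA-3-716600: Rejected 412KB Hostscan data from IP <10.5.1.77>. Hostscan results exceed default limit of 200KB.
"""

def parse_rejections(lines):
    """Return one dict per 716600 line; other lines are skipped."""
    out = []
    for line in lines:
        m = REJECT.match(line.strip())
        if m:
            out.append({"ts": m["ts"], "ip": m["ip"],
                        "size_kb": int(m["size"]), "limit_kb": int(m["limit"])})
    return out

def summarize(records):
    """Group rejections per client IP: count, largest payload, overage."""
    by_ip = defaultdict(lambda: {"count": 0, "max_kb": 0, "over_kb": 0,
                                 "first": None, "last": None})
    for r in records:
        s = by_ip[r["ip"]]
        s["count"] += 1
        s["first"] = s["first"] or r["ts"]
        s["last"] = r["ts"]
        if r["size_kb"] > s["max_kb"]:
            s["max_kb"] = r["size_kb"]
            s["over_kb"] = r["size_kb"] - r["limit_kb"]
    return dict(by_ip)

if __name__ == "__main__":
    for ip, s in sorted(summarize(parse_rejections(SAMPLE_LOG.splitlines())).items(),
                        key=lambda kv: -kv[1]["max_kb"]):
        print(f"{ip}: {s['count']} rejected, max {s['max_kb']}KB "
              f"(+{s['over_kb']}KB over limit), {s['first']} .. {s['last']}")
```

The largest rejected size per client gives a lower bound for whatever new limit is configured, and the list of IPs shows which endpoints to compare against the ones that connect without the error.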