Please keep in mind that the Manager has a certificate that is used when you assess the manager.. it appears the Clean Access Server certificate is expired... Must browse to the server directly to see. Have you done this? Example https://publicipaddress/Admin
Where the public ip address is of the Clean Access Server.. once there check the status of the certificate Hope this helps Thanks, Christopher DeSmit University of North Carolina Pembroke- Division of Information Technology Network Security Specialist 910-521-6260 [email protected] From: Cisco Clean Access Users and Administrators [mailto:[email protected]] On Behalf Of Brian Beausoleil Sent: Wednesday, April 22, 2009 10:49 AM To: [email protected] Subject: Clean Access connection issue Hi all, I could use some assistance in resolving an issue. I have tried to find a possible source of the problem but have fallen short. The following is the error message Clean Access displays when trying to connect... "Clean access server could not establish a secure connection to clean access manager at cam1.scsu.southernct.edu. This could be due to one or more of the following reasons: 1. clean access manager certificate has expired 2. clean access manager can not be trusted 3. clean access manager can not be reached. Please report this to your network administrator." Some of our Help Desk student workers get the message as well, and they say the Agent will pop up to log in, but when they log in they receive this error message. Things we have discovered so far (While the student is unable to log in)... * Nslookup resolves the Manager * Ip, dns, default gateway, dhcp server are all correct * The certificate has NOT expired * Manager can be reached because the Agent popped up, and I can log into the admin UI * Scanned with AV, Malwarebytes, etc... and found no infected objects * User is able to access our homepage via IP but not by name At this point I am at a loss. After some time the issue goes away and the end user is able to log back in. Each time that we have gone out we plugged own machine into the jack and was able to log in with no problems. This is not affecting every user and is impossible to replicate. Any feedback or solutions would be appreciated. Thanks in advance... Brian
