Secure Client VPN Connectivity Issues with Posture Detection Failures

Available Languages

Download Options

  • PDF     (21.4 KB)
    View with Adobe Reader on a variety of devices
Updated:May 12, 2026
Document ID:225899

Bias-Free Language

The documentation set for this product strives to use bias-free language. For the purposes of this documentation set, bias-free is defined as language that does not imply discrimination based on age, disability, gender, racial identity, ethnic identity, sexual orientation, socioeconomic status, and intersectionality. Exceptions may be present in the documentation due to language that is hardcoded in the user interfaces of the product software, language used based on RFP documentation, or language that is used by a referenced third-party product. Learn more about how Cisco is using Inclusive Language.

Contents

Issue

Users are unable to establish Cisco Secure Client VPN connectivity within a Windows 365 VDI environment or Local PCs. The VPN connection consistently fails with posture-related errors, specifically displaying "hostscan csd prelogin verification failed" error messages.

The issue has been identified as being associated with posture detection failing when usernames contain non-ASCII (2-byte) characters, preventing affected VDI users from successfully connecting to the VPN.

When users press the connect button in the Cisco Secure Client interface, the VPN connection fails. The error manifests during the posture assessment phase of the connection process, preventing users from establishing secure remote access to corporate resources through the VPN tunnel.

Environment

  • Windows 365 VDI environment or Local PC

  • Cisco Secure Client installed

  • Secure Access implementation: RAVPN

Resolution

This issue is currently under investigation by Cisco Engineering and is tracked under Cisco bug ID CSCwt59834. The problem stems from posture detection failures when usernames contain non-ASCII (2-byte) characters in the Windows 365 VDI environment.

Date : 03/03/2026|Time : 02:19:09|Type : Information|Source : csc_vpnapishim|Description : [TID=10348 PID=13204]|Function: ConnectMgr::doCsdApiLaunch|File: E:\dev\workspace\cure-client-windows_Raccoon_MR13\vpn\Api\ConnectMgr.cpp|Line: 9312|Initializing CSD

Date : 03/03/2026|Time : 02:19:09|Type : Information|Source : csc_vpnapishim|Description : [TID=10348 PID=13204]|Function: ConnectMgr::doCsdApiLaunch|File: E:\dev\workspace\cure-client-windows_Raccoon_MR13\vpn\Api\ConnectMgr.cpp|Line: 9490|Performing CSD prelogin verification.

Date : 03/03/2026|Time : 02:19:10|Type : Information|Source : csc_vpnapishim|Description : [TID=10348 PID=13204]|Function: ConnectMgr::doCsdApiLaunch|File: E:\dev\workspace\cure-client-windows_Raccoon_MR13\vpn\Api\ConnectMgr.cpp|Line: 9494|CSD prelogin verification finished with return code -1

Date : 03/03/2026|Time : 02:19:10|Type : Error|Source : csc_libcsd|Description : Function: open_logfile|Thread Id: 0x286C|File: E:\dev\workspace\cure-client-windows_Raccoon_MR13\posture\common\libcommon\hs_log.c|Line: 1088|Level: error|Fail to open log file: (C:\Users\????\AppData\Local\Cisco\Cisco HostScan\log\csc_libcsd.log)|OSErrorStr(The filename, directory name, or volume label syntax is incorrect.|)|.

Date : 03/03/2026|Time : 02:19:10|Type : Error|Source : csc_libcsd|Description : [Tue Mar 03 02:19:10.313 2026][csc_libcsd]Function: verify_scanner Thread Id: 0x286C File: E:\dev\workspace\cure-client-windows_Raccoon_MR13\posture\asa\libcsd\csd_api.c Line: 483 Level: error :unable to verify scanner binary..

Date : 03/03/2026|Time : 02:19:10|Type : Error|Source : csc_libcsd|Description : Function: csd_prelogin|Thread Id: 0x286C|File: E:\dev\workspace\cure-client-windows_Raccoon_MR13\posture\asa\libcsd\csd_api.c|Line: 1003|Level: error|unable to locate scanner..

Initial Troubleshooting Steps Performed

These troubleshooting steps were attempted:

  • Reinstalling the Cisco Secure Client module on the VDI

  • Restarting the VDI environment

Current Status and Ongoing Resolution

The case is currently being worked on with Cisco Engineering to determine an estimated time of arrival (ETA) for a fix or enhancement related to Cisco bug ID CSCwt59834. Updates are provided as new information becomes available from the engineering team.

Diagnostic Information Collection

For proper diagnosis of this issue, collect this diagnostic information:

  • Cisco Secure Client error screenshots showing the specific error messages

  • DART (Diagnostic and Reporting Tool) files from the affected VDI environment or System.

  • Verification of username character encoding, particularly for users with non-ASCII characters

Observe these errors in the SFP logs under DART bundle:

Cause

The root cause of this issue is related to posture detection failures in the Cisco Secure Client when operating within Windows 365 VDI environments or Local PCs , specifically when usernames contain non-ASCII (2-byte) characters. The posture assessment component fails to properly process these character encodings during the "hostscan csd prelogin verification" phase, resulting in connection failures.

This issue is documented and tracked under Cisco bug ID CSCwt59834.

Related Content

Revision History

Revision Publish Date Comments
1.0
12-May-2026
Initial Release
TAC Authored

Contributed by Cisco Engineers

  • Kondaveeti Siva naga Rani
    Technical Consulting Engineer

Was this Document Helpful?

FeedbackFeedback

Contact Cisco

This Document Applies to These Products