I use Cisco AnyConnect to connect to a client’s VPN. Lately, it started hanging with the status message “Hostscan is waiting for the next scan”.
The logs show a loop that lasts a little over 10 minutes where it scans and starts over until it finally gives up.
9:42:46 AM Hostscan state idle 9:42:48 AM Hostscan is waiting for the next scan 9:43:50 AM Hostscan is performing system scan 9:43:51 AM Hostscan is performing software scan 9:43:58 AM Hostscan state idle 9:44:00 AM Hostscan is waiting for the next scan 9:45:03 AM Hostscan is performing system scan 9:45:04 AM Hostscan is performing software scan 9:45:19 AM Hostscan state idle 9:45:22 AM Hostscan is waiting for the next scan 9:46:24 AM Hostscan is performing system scan 9:46:24 AM Hostscan is performing software scan
I read something about removing personal certificates helping with this, but I only have a few personal certificates, and they are my machine name, localhost, local development, and something NVIDIA put on there.
But then I read something else about personal certificates in IE11. Sure enough, under Tools (or the gear icon) > Internet Options > Content there is a button for Certificates.
After clicking that, I saw something very different from the machine certificates. They were there, plus some other certificates for local development, but there were HUNDREDS like *.somewebsite.com.
I sorted by the name, selected them, and removed them. Then I tried Cisco AnyConnect again, and it finally connected.
The wildcard certificates I saw in the IE11 Internet Options were created by Fiddler, which I use to watch network traffic and inspect web requests and responses. Fiddler acts as a proxy between your computer and your internet connection, and I guess it creates a personal wildcard certificate for every site you visit, or when Dropbox syncs, or your email does a send/receive, etc.
Since I must use Cisco AnyConnect for the VPN and I only use Fiddler sometimes, I removed the wildcard certificates and uninstalled Fiddler and I’ve been able to connect to the VPN reliably for a week now.