diff --git a/nselib/anyconnect.lua b/nselib/anyconnect.lua
index d0eb2b55b..73885cd0b 100644
--- a/nselib/anyconnect.lua
+++ b/nselib/anyconnect.lua
@@ -89,20 +89,25 @@ Cisco = {
         end
       }
 
-
-      local response = http.head(self.host, self.port, '/', options)
+      local path = '/'
+      local response = http.head(self.host, self.port, path, options)
       -- account for redirects
       if not response.status == 200 then
         return false, "Failed to connect to SSL VPN server"
       elseif response.location then
         local u = url.parse(response.location[#response.location])
-        self.host = u.host
+        if u.host then
+          self.host = u.host
+        end
+        if u.path then
+          path = u.path
+        end
       end
 
-      response = http.post(self.host, self.port, '/', options, nil, data)
+      response = http.post(self.host, self.port, path, options, nil, data)
 
       if response.status ~= 200 or response.body == nil then
-        return false, "Error in SSL VPN server response"
+        return false, "Not a Cisco ASA or unsupported version"
       end
 
       local xmltags = {
@@ -126,6 +131,11 @@ Cisco = {
           self.conn_attr[tag] = m
         end
       end
+
+      if not self.conn_attr['version'] then
+        return false, "Not a Cisco ASA or unsupported version"
+      end
+
       -- in case we were redirected
       self.conn_attr['host'] = stdnse.get_hostname(self.host)
       return true
diff --git a/scripts/http-cisco-anyconnect.nse b/scripts/http-cisco-anyconnect.nse
index ce900506e..932c5c49c 100644
--- a/scripts/http-cisco-anyconnect.nse
+++ b/scripts/http-cisco-anyconnect.nse
@@ -41,8 +41,10 @@ end
 
 action = function(host, port)
   local ac = anyconnect.Cisco.AnyConnect:new(host, port)
-  local status = ac:connect()
-  if status then
+  local status, err = ac:connect()
+  if not status then
+    return ("\n  ERROR: %s"):format(err)
+  else
     local o = stdnse.output_table()
     local xmltags = { 'version', 'tunnel-group', 'group-alias',
       'config-hash', 'host-scan-ticket', 'host-scan-token',
diff --git a/scripts/http-vuln-cve2014-2126.nse b/scripts/http-vuln-cve2014-2126.nse
index d0492704d..7d3f6063e 100644
--- a/scripts/http-vuln-cve2014-2126.nse
+++ b/scripts/http-vuln-cve2014-2126.nse
@@ -68,8 +68,10 @@ Cisco Adaptive Security Appliance (ASA) Software 8.2 before 8.2(5.47), 8.4 befor
 
   local report = vulns.Report:new(SCRIPT_NAME, host, port)
 	local ac = anyconnect.Cisco.AnyConnect:new(host, port)
-	local status = ac:connect()
-	if status then
+  local status, err = ac:connect()
+  if not status then
+    return ("\n  ERROR: %s"):format(err)
+  else
   	local ver = ac:get_version()
 		if vuln_versions[ver['major']] and vuln_versions[ver['major']][ver['minor']] then
 			if vuln_versions[ver['major']][ver['minor']] > tonumber(ver['rev']) then
diff --git a/scripts/http-vuln-cve2014-2127.nse b/scripts/http-vuln-cve2014-2127.nse
index e2acfde01..fe4645152 100644
--- a/scripts/http-vuln-cve2014-2127.nse
+++ b/scripts/http-vuln-cve2014-2127.nse
@@ -68,8 +68,10 @@ Cisco Adaptive Security Appliance (ASA) Software 8.x before 8.2(5.48), 8.3 befor
 
   local report = vulns.Report:new(SCRIPT_NAME, host, port)
 	local ac = anyconnect.Cisco.AnyConnect:new(host, port)
-	local status = ac:connect()
-	if status then
+  local status, err = ac:connect()
+  if not status then
+    return ("\n  ERROR: %s"):format(err)
+  else
   	local ver = ac:get_version()
 		if vuln_versions[ver['major']] and vuln_versions[ver['major']][ver['minor']] then
 			if vuln_versions[ver['major']][ver['minor']] > tonumber(ver['rev']) then
diff --git a/scripts/http-vuln-cve2014-2128.nse b/scripts/http-vuln-cve2014-2128.nse
index e4134976b..b88fd0619 100644
--- a/scripts/http-vuln-cve2014-2128.nse
+++ b/scripts/http-vuln-cve2014-2128.nse
@@ -69,8 +69,10 @@ The SSL VPN implementation in Cisco Adaptive Security Appliance (ASA) Software 8
 
   local report = vulns.Report:new(SCRIPT_NAME, host, port)
 	local ac = anyconnect.Cisco.AnyConnect:new(host, port)
-	local status = ac:connect()
-	if status then
+  local status, err = ac:connect()
+  if not status then
+    return ("\n  ERROR: %s"):format(err)
+  else
   	local ver = ac:get_version()
 		if vuln_versions[ver['major']] and vuln_versions[ver['major']][ver['minor']] then
 			if vuln_versions[ver['major']][ver['minor']] > tonumber(ver['rev']) then
diff --git a/scripts/http-vuln-cve2014-2129.nse b/scripts/http-vuln-cve2014-2129.nse
index 75f843539..5a4964767 100644
--- a/scripts/http-vuln-cve2014-2129.nse
+++ b/scripts/http-vuln-cve2014-2129.nse
@@ -66,8 +66,10 @@ The SIP inspection engine in Cisco Adaptive Security Appliance (ASA) Software 8.
 
   local report = vulns.Report:new(SCRIPT_NAME, host, port)
 	local ac = anyconnect.Cisco.AnyConnect:new(host, port)
-	local status = ac:connect()
-	if status then
+  local status, err = ac:connect()
+  if not status then
+    return ("\n  ERROR: %s"):format(err)
+  else
   	local ver = ac:get_version()
 		if vuln_versions[ver['major']] and vuln_versions[ver['major']][ver['minor']] then
 			if vuln_versions[ver['major']][ver['minor']] > tonumber(ver['rev']) then