AnyConnect show error "The secure gateway has rejected the connection attemp..........."

Natapoom — Wed, 22 Apr 2020 11:14:55 GMT

Re: AnyConnect show error "The secure gateway has rejected the connection attemp..........."

Sheraz.Salim — Wed, 22 Apr 2020 11:51:50 GMT

You have a dhcp server configured on the tunnel-group. That would take preference for address assignment. Order of address assignment is AAA,DHCP and then local.

tunnel-group "SSL VPN" type remote-access
tunnel-group "SSL VPN" general-attributes
 address-pool VPN_POOL
 default-group-policy "GroupPolicy_SSL VPN"
 dhcp-server 192.168.1.1

highly recommend removing that configuration if you are not using a dhcp server.

Also, sometimes when DHCP is assigned, the ASA might disable the local vpn address assignment. The default is a hidden command so you have to see "show run all" to see it. Like this:

ASA# sh run all | in vpn-addr
no vpn-addr-assign aaa
no vpn-addr-assign dhcp
vpn-addr-assign local reuse-delay 0

If you are only using the local pool to assign ip addresses, the above would be the config you need. If you need DHCP or AAA ip address assignment enabled the setting by adding the command.

a very similar issue is discussed here https://community.cisco.com/t5/vpn/secure-gateway-has-rejected-the-connection/td-p/2826763

Re: AnyConnect show error "The secure gateway has rejected the connection attemp..........."

Natapoom — Thu, 23 Apr 2020 06:45:03 GMT

The problem has been resolved.
I found that it is a bug of Anyconnect Version 4.8 and ASA Version 7.13.1

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvs40531/?rfs=iqvred

topic Re: AnyConnect show error "The secure gateway has rejected the connection attemp..........." in Network Security

AnyConnect show error "The secure gateway has rejected the connection attemp..........."

Re: AnyConnect show error "The secure gateway has rejected the connection attemp..........."

Re: AnyConnect show error "The secure gateway has rejected the connection attemp..........."