This community is for technical, feature, configuration and deployment questions.
For production deployment issues, please contact the TAC!
We will not comment or assist with your TAC case in these forums.
Please see How to Ask the Community for Help for other best practices.
Hello all , I am seeing this strange issue while testing Anyconnect SSL VPN client with Posturing agent.
The process starts of fine , Anyconnect VPN gets connected , Posturing agents is talking to ISE but during complaint phase
COA from ISE getting failed with error message
"Event 5417 Dynamic Authorization failed"
"11213 No response received from Network Access Device after sending a Dynamic Authorization request " .
I can see that the endpoint ID is anyconnect client public ip instead of Mac address take a look at the attached screenshot .
ISE v2.4
Anyconnect v4.7
ASA is running 9.9.2
Solved! Go to Solution.
Based on cases I had and my understanding, I would explain it this way:
I tried to do some troubleshooting of 'Event 5417 Dynamic Authorization failed' for VPN sessions for one of my clients as soon as alarm appeared, and once I tried to analyze it deeper on ASA, I realized that specific user/session exists no more on VPN GW at that time.
BR,
Milos
Did you ever figure out an answer to this?
Based on cases I had and my understanding, I would explain it this way:
I tried to do some troubleshooting of 'Event 5417 Dynamic Authorization failed' for VPN sessions for one of my clients as soon as alarm appeared, and once I tried to analyze it deeper on ASA, I realized that specific user/session exists no more on VPN GW at that time.
BR,
Milos
Milos is correct. It's normal that the public IP shown in the CoA requests.