Showing results for 
Search instead for 
Did you mean: 


Anyconnect VPN issue service restricted Please help

Hello All,

Looking for some help . All was ok up until today and nothing has changed in the server room . We have a valid contract with smartnet/any connect until Nov2020. Suddenly today my users are experiencing the attached error msg when trying to use anyconnect to remote VPN into our servers. Our service provider did accidentally disconnect service last week then reconnected , since that time I was informed that people were able to access the VPN via version 4.1.02011 up until today so don't think it's on their side. I am having them check to make sure nothings blocked but odd coincidence . We have a Cisco 5506x box which is noted to be our firewall/vpn in the server room and we have a license valid until Nov 2020 for our smartnet/anyconnect software which is our VPN in for remote users. I can ping the cisco 5506x box internally on the network but not remotely . Any help would be most appreciated . I'm not expert on Cisco's VPN . See attached error message "the service provider in your current location is restricting access to the internet. You need to logon with the service provider before you can establish a VPN session. You can try this by visiting any website with your browser" Both the remote and host location have internet access .
Thank You


Rob Ingram
VIP Mentor


This guide explains that message, which is related to captive portal detection.



Hello Rji 

regarding the message below 

The service provider in your current location is restricting access to the Internet.
The AnyConnect protection settings must be lowered for you to log on with the service
provider. Your current enterprise security policy does not allow this.

This is happening with all our remote users since yesterday when they try to VPN in with anyconnect. No configuration has changed.  We do have a Cisco 5506X box in the server room and our smartnet/anyconnect license is valid until the end of this year. Do you think something like a firewall cert/SSL has expired maybe ? I'm not familiar with this setup and our IT manager at that location is no longer with the company so any help would be most appreciated . Do I need to login to the physical Cisco 5506x box and make any changes in order to do the work around ? Nothing should have changed on it unless something has expired as it just stopped working out of the blue. I take it the VPN information is located on the 5506x box with the firewall or is the VPN located via software on the domain server ? I would like to try disabling the captive portal detection to see if that works for now but not sure where that setting is located. Thank You so much .

Recognize Your Peers
Content for Community-Ad