I am currently using AnyConnect as an SSL VPN service for some outside vendors to access a few of our applications. Unfortunately some of them refuse to download software, so I need to setup a clientless solution.

I used the SSL VPN wizard and setup a new Clientless SSL connection. Whenever I try to login it tells me:

Clientless (browser) SSL VPN access is not allowed.

In the Syslog it lists these 2 warnings

4 Oct 16 2009 10:43:20 722050 Group <TestLicensing> User <ksoutherland> IP <10.12.10.203> Session terminated: SVC not enabled for the user

4 Oct 16 2009 10:43:20 113019 Group = , Username = , IP = 0.0.0.0, Session disconnected. Session Type: , Duration: 0h:00m:00s, Bytes xmt: 0, Bytes rcv: 0, Reason: Unknown

If I enable the SVC it just proceeds to setup the Anyconnect session even though in the Group Policy I have the login setting to go straight to the Clientless SSL Portal. Any ideas on this?

Is it because I already use Anyconnect and IPSec on this interface as well? I was able to get a clientless session working on another ASA out at my Colo, but this one just won't seem to comply.