05-10-2023 02:21 PM
One user is able to connect to AnyConnect VPN, but others are getting "Could not connect to server. Please verify internet connectivity and server address". Is there any change that has to be made on the Cisco router's configuration?
05-10-2023 03:34 PM
Hello,
If one user is able to connect, this can be a good signal. The configuration is not totally wrong. I would ask you to check the licensing, just to make sure you can add more than one user on the VPN, and then, if possible, share the router config here so that we can take a look. Maybe somewhere there's a parameter preventing other users from connecting.
05-11-2023 03:36 AM
Thank you so much for your response.
I'll share the config in a short while. Before that, could you check the licensing part? What command do I have to use on the Cisco 891 IOS router?
05-11-2023 03:44 AM
crypto key generate rsa label caremotevpn exportable modulus 2048
!
crypto pki server caremotevpn
database level complete
database archive pkcs12 password cisco123
grant auto
auto-rollover 90
no shutdown
!
crypto pki export SSLVPNCERT pem terminal
!
crypto pki trustpoint SSLVPNCERT
enrollment url http://13.1.1.254:80
subject-name CN=customerdomain.com
revocation-check none
rsakeypair caremotevpn
exit
conf t
crypto pki auth SSLVPNCERT
!
crypto pki enroll SSLVPNCERT
!
05-11-2023 05:29 AM
Hi
Can you run the commands:
show version
show license
05-11-2023 06:02 AM
05-11-2023 06:08 AM
Host-891#sh ver
Cisco IOS Software, C890 Software (C890-UNIVERSALK9-M), Version 15.1(4)M4, RELEASE SOFTWARE (fc1)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2012 by Cisco Systems, Inc.
Compiled Wed 21-Mar-12 01:40 by prod_rel_team
ROM: System Bootstrap, Version 12.4(22r)YB3, RELEASE SOFTWARE (fc1)
Host-891 uptime is 1 year, 5 weeks, 23 hours, 35 minutes
System returned to ROM by power-on
System restarted at 08:37:04 Summer Tue Apr 5 2022
System image file is "flash:c890-universalk9-mz.151-4.M4.bin"
Last reload type: Normal Reload
Cisco 891 (MPC8300) processor (revision 1.0) with 498688K/25600K bytes of memory.
Processor board ID FTX1704841K
9 FastEthernet interfaces
1 Gigabit Ethernet interface
1 Serial interface
1 terminal line
1 Virtual Private Network (VPN) Module
256K bytes of non-volatile configuration memory.
247464K bytes of ATA CompactFlash (Read/Write)
License Info:
License UDI:
-------------------------------------------------
Device# PID SN
-------------------------------------------------
*0 CISCO891-K9 FTX1704841K
License Information for 'c890'
License Level: advipservices Type: Permanent
Next reboot license Level: advipservices
Configuration register is 0x2102
Host-891#sh lice
Host-891#sh license
Index 1 Feature: advipservices
Period left: Life time
License Type: Permanent
License State: Active, In Use
License Count: Non-Counted
License Priority: Medium
Index 2 Feature: ios-ips-update
Period left: Not Activated
Period Used: 0 minute 0 second
License Type: EvalRightToUse
License State: Not in Use, EULA not accepted
License Count: Non-Counted
License Priority: None
Index 3 Feature: SSL_VPN
Period left: Life time
License Type: RightToUse
License State: Active, In Use
License Count: 25/0 (In-use/Violation)
License Priority: Low
Index 4 Feature: WAAS_Express
Period left: Not Activated
Period Used: 0 minute 0 second
License Type: EvalRightToUse
License State: Not in Use, EULA not accepted
License Count: Non-Counted
License Priority: None
05-11-2023 06:33 AM
Are you using the AnyConnect client? You have 25 licenses for SSL VPN. But I see you have two kinds of client VPN on the router as per the DHCP config:
ip local pool vpnclient 172.16.1.1 172.16.1.40
ip local pool anyconnect 172.16.3.1 172.16.3.40
Index 3 Feature: SSL_VPN
Period left: Life time
License Type: RightToUse
License State: Active, In Use
License Count: 25/0 (In-use/Violation)
I am wondering if you have a license for the other VPN client.
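The license check discussed above can be scripted. The following is an added example, not code from any poster in this thread: it parses `show license` text into per-feature records and returns the state and count fields for `SSL_VPN` exactly as the router labels them. The sample is trimmed from the output posted above; the function names are hypothetical.

```python
import re

# Constructed sample: trimmed from the `show license` output posted in this thread.
SAMPLE = """\
Index 1 Feature: advipservices
License Type: Permanent
License State: Active, In Use
License Count: Non-Counted
Index 2 Feature: ios-ips-update
License State: Not in Use, EULA not accepted
License Count: Non-Counted
Index 3 Feature: SSL_VPN
Period left: Life time
License Type: RightToUse
License State: Active, In Use
License Count: 25/0 (In-use/Violation)
"""

def parse_show_license(text):
    """Return {feature: {field: value}} from IOS `show license` text."""
    features, current = {}, None
    for line in text.splitlines():
        line = line.strip()
        m = re.match(r"Index\s+\d+\s+Feature:\s*(\S+)", line)
        if m:
            # A new "Index N Feature: X" line starts a new record.
            current = features.setdefault(m.group(1), {})
        elif current is not None and ":" in line:
            key, _, value = line.partition(":")
            current[key.strip()] = value.strip()
    return features

def counted(entry):
    """Split 'A/B (In-use/Violation)' into two ints; None if Non-Counted."""
    m = re.match(r"(\d+)/(\d+)", entry.get("License Count", ""))
    return (int(m.group(1)), int(m.group(2))) if m else None

def ssl_vpn_status(text, feature="SSL_VPN"):
    """Summarise the one feature this thread is about."""
    entry = parse_show_license(text).get(feature)
    if entry is None:
        return {"present": False}
    return {"present": True,
            "active": entry.get("License State", "").startswith("Active"),
            "type": entry.get("License Type"),
            "count": counted(entry)}

if __name__ == "__main__":
    print(ssl_vpn_status(SAMPLE))
```

The two numbers in `count` are returned in the order the router prints them, under its own `(In-use/Violation)` label, so they can be compared against the rows of `show webvpn session context all`.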
05-11-2023 06:39 AM
We have asked the client not to use the Cisco VPN client, which was configured earlier. Should I remove it from the config?
05-11-2023 06:41 AM
But which client should they use?
05-11-2023 06:48 AM
AnyConnect
05-11-2023 06:52 AM
AnyConnect should work up to 25 users.
When the second user tries to associate, can you see any log on the router?
By any chance, don't you have users connected and not in use?
Can you run show webvpn session?
05-11-2023 07:26 AM
Host-891#sh webvpn session context all
WebVPN context name: SSLVPN_Context
Client_Login_Name Client_IP_Address No_of_Connections Created Last_Used
05-11-2023 07:50 AM
Right. Well, you can enable a debug and ask 2 clients to connect, and let's see if something comes up.
debug webvpn aaa, debug webvpn tunnel
05-11-2023 07:53 AM
Sure. I'll do that and share the results.
Thank you, Flavio.
One question: can the self-signed certificate be the cause of the issue?