02-02-2016 11:25 AM
Running an ASA 5512, software version 9.5, with VPN set up using AAA authentication against a local Active Directory server. The vast majority of users are able to authenticate and connect to the VPN with no issue, but some accounts (up to 3 now) provide the following when connecting:
SSL session with client outside:$USER_IP/43674 to VPN_EXTERNAL_IP/443 terminated
AAA user authentication Rejected : reason = Unspecified : server = $ACTIVE_DIRECTORY_IP : user = ***** : user IP = $USER_IP
Device completed SSL handshake with client outside:$USER_IP\43674 to VPN_EXTERNAL_IP/443 for TLSv1.2 session
To be clear, I did not ***** out the user name; that is what comes up in the logs, as opposed to the username, which comes up in the case of an incorrect password, such as:
AAA user authentication Rejected : reason = Invalid password : server = $ACTIVE_DIRECTORY_IP : user = jm : user IP = $USER_IP
The passwords are verified as correct, as the users can authenticate to Active Directory with no problems; they are not expired, and the accounts are not suspended. If I create a new account for them, that account can connect with no problem. This account in particular had been working up until yesterday for a user across the country, so it has definitely been in use previously. The moment I have them use the new account, they are able to connect, eliminating anything on their end.
I'd rather not have an AD server full of users and re-created User_VPN accounts, so finding a fix for this would be ideal. Thanks!
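For anyone triaging this pattern from syslog rather than by hand, the following script is an added example (not part of the original post or of Cisco's tooling) that parses the ASA AAA rejection message quoted above and separates ordinary "Invalid password" events from the "Unspecified" rejections where the ASA logs the username as asterisks. The syslog prefix on the sample lines uses the %ASA-6-113005 / 725002 / 725007 message IDs these events carry on an ASA; the timestamps, hostnames, IP addresses and the username are constructed sample values.

```python
import re
from collections import Counter

# Regex for the body of the ASA AAA rejection message. Field order and the
# " : " separators follow the log lines quoted in the post above.
AAA_REJECT_RE = re.compile(
    r"AAA user authentication Rejected\s*:\s*"
    r"reason = (?P<reason>[^:]+?)\s*:\s*"
    r"server = (?P<server>\S+)\s*:\s*"
    r"user = (?P<user>\S+)\s*:\s*"
    r"user IP = (?P<user_ip>\S+)"
)


def parse_aaa_reject(line):
    """Return a dict of fields for an AAA rejection line, or None for any other line."""
    m = AAA_REJECT_RE.search(line)
    if m is None:
        return None
    rec = m.groupdict()
    rec["reason"] = rec["reason"].strip()
    # A username rendered entirely as asterisks means the ASA did not log the
    # identity at all, which is the symptom described in the post.
    rec["user_masked"] = set(rec["user"]) == {"*"}
    return rec


def triage(lines):
    """Split rejections into three buckets.

    invalid_password   : the user typed a wrong password; nothing to chase in AD.
    unspecified_masked : reason = Unspecified with a masked username, the pattern
                         from the post that points at the AD account object rather
                         than the credential.
    other              : anything else, for manual review.
    """
    results = {"invalid_password": [], "unspecified_masked": [], "other": []}
    for line in lines:
        rec = parse_aaa_reject(line)
        if rec is None:
            continue
        if rec["reason"] == "Invalid password":
            results["invalid_password"].append(rec)
        elif rec["reason"] == "Unspecified" and rec["user_masked"]:
            results["unspecified_masked"].append(rec)
        else:
            results["other"].append(rec)
    return results


def count_by_source(records):
    """Count rejections per client IP; with the username masked, the source
    address is the only field left that identifies who keeps failing."""
    return Counter(r["user_ip"] for r in records)


# Constructed sample syslog lines (hosts, addresses and the username are made
# up; the message text mirrors the lines quoted in the post).
SAMPLE_LOG = [
    "Feb 02 2016 11:20:01 asa %ASA-6-725007: SSL session with client "
    "outside:203.0.113.10/43674 to 198.51.100.1/443 terminated",
    "Feb 02 2016 11:20:01 asa %ASA-6-113005: AAA user authentication Rejected : "
    "reason = Unspecified : server = 10.0.0.5 : user = ***** : user IP = 203.0.113.10",
    "Feb 02 2016 11:21:14 asa %ASA-6-113005: AAA user authentication Rejected : "
    "reason = Invalid password : server = 10.0.0.5 : user = jm : user IP = 203.0.113.11",
    "Feb 02 2016 11:22:30 asa %ASA-6-113005: AAA user authentication Rejected : "
    "reason = Unspecified : server = 10.0.0.5 : user = ***** : user IP = 203.0.113.10",
    "Feb 02 2016 11:23:02 asa %ASA-6-725002: Device completed SSL handshake with client "
    "outside:203.0.113.10/43675 to 198.51.100.1/443 for TLSv1.2 session",
]

if __name__ == "__main__":
    buckets = triage(SAMPLE_LOG)
    for name, recs in buckets.items():
        print(f"{name}: {len(recs)}")
    print("masked rejections per source:", dict(count_by_source(buckets["unspecified_masked"])))
```

Feeding the ASA syslog stream through `triage` gives a list of source IPs that keep hitting the masked "Unspecified" rejection, which is the set of users whose AD account (not password) needs to be compared against a working one.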