Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
435
Views
0
Helpful
1
Replies

RV34x SSL VPN remote user disabled

oliu
Level 1
Level 1

‎01-11-2021 09:27 AM

Hi, 

   I am using the SSL VPN of RV345. I used port 8443 (so vpn.xxx.com:8443) and Radius auth, with split tunnel enabled on server side. On the client side, I tried to create a VPN profile as below, but I am still getting remote user disabled when I was trying to connect to the VPN server from a windows 10 rdp session using vpn anyconnect secure mobile client (4.9.01905). Do I have to change the profile on the server side? If so how do I do it? Thanks.

<?xml version="1.0" encoding="UTF-8"?>
<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://schemas.xmlsoap.org/encoding/ AnyConnectProfile.xsd">
<ClientInitialization>
<WindowsLogonEnforcement>SingleLogon</WindowsLogonEnforcement>
<WindowsVPNEstablishment>AllowRemoteUsers</WindowsVPNEstablishment>
</ClientInitialization>
<ServerList>
<HostEntry>
<User>aaa</User>
<SecondUser></SecondUser>
<HostName>xxx</HostName>
<HostAddress>vpn.xxx.com:8443</HostAddress>
<Domain></Domain>
<Group>ALLOWVPNGROUP</Group>
<ProxyHost>vpn.xxx.com</ProxyHost>
<ProxyPort>8443</ProxyPort>
<SDITokenType>none</SDITokenType>
<ControllablePreferences>
<LocalLanAccess>true</LocalLanAccess></ControllablePreferences>
</HostEntry>
</ServerList>
</AnyConnectProfile>

Labels:
0 Helpful
1 Reply 1

oliu
Level 1
Level 1

‎01-11-2021 09:38 AM

By the way, this is the event log I see from the client side:

Current Profile: none
Received VPN Session Configuration Settings:
Keep Installed: enabled
Rekey Method: handshake
Proxy Setting: do not modify
Proxy Server: none
Proxy PAC URL: none
Proxy Exceptions: none
Proxy Lockdown: enabled
IPv4 Split Exclude: disabled
IPv6 Split Exclude: disabled
IPv4 Dynamic Split Exclude: disabled
IPv6 Dynamic Split Exclude: disabled
IPv4 Split Include: 2 IPv4 private networks
IPv6 Split Include: disabled
IPv4 Dynamic Split Include: disabled
IPv6 Dynamic Split Include: disabled
IPv4 Split DNS: enabled
IPv6 Split DNS: disabled
Tunnel all DNS: disabled
IPv4 Local LAN Wildcard: local LAN access preference is disabled
IPv6 Local LAN Wildcard: local LAN access preference is disabled
Firewall Rules: none
Client Address: 192.168.12.28
Client Mask: 255.255.255.255
Client IPv6 Address: FE80:0000:0000:0000:32CB:AD21:2DA6:A49E (auto-generated)
Client IPv6 Mask: FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFF:FFFC
TLS MTU: 1399
TLS Compression: disabled
TLS Keep Alive: 30 seconds
TLS Rekey Interval: 3600 seconds
TLS DPD: 300 seconds
DTLS: disabled
DTLS MTU: none
DTLS Compression: disabled
DTLS Keep Alive: disabled
DTLS Rekey Interval: none
DTLS DPD: 30 seconds
Session Timeout: none
Session Timeout Alert Interval: none
Session Timeout Remaining: none
Disconnect Timeout: none
Idle Timeout: 2100 seconds
Server: Cisco Linux SSLVPN
MUS Host: unknown
DAP User Message: n
Quarantine State: unknown
Always On VPN: unknown
Lease Duration: 43200 seconds
Default Domain: #
Home page: unknown
Smart Card Removal Disconnect: enabled
License Response: unknown
SG TCP Keep Alive: enabled
Peer's Local IPv4 Address: N/A
Peer's Local IPv6 Address: N/A
Peer's Remote IPv4 Address: N/A
Peer's Remote IPv6 Address: N/A
Peer's host name: N/A
Client Protocol Bypass: false
Tunnel Optimization: disabled

0 Helpful
Customers Also Viewed These Support Documents