Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Good evening,I previously had an IKEv2 Remote Access VPN tunnel working properly on an ASA 5515-X but apparently made some changes that have broken this functionality, so I appreciate any assistance that can be offered in restoring functionality. I h...
Final edits below, tl;dr see CSCvo73128:So, interesting scenario... I took a dig into the logs further from what you noted above, @MHM Cisco World and found the following in the Event Viewer (Applications and Services Logs, Cisco Secure Client) logs ...
Tiny log (UpdateHistory_20250803_121951_log.txt):Connecting to vpn.contoso.com.Authorized Server List is not defined in local policy. Treating vpn.contoso.com as authorized.Any configured local policy <UpdatePolicy> locks do not apply.No local policy...
Very few attributes show up as changed, full text attached.Edit: I've flattened the group policies and deleted the contoso policy. All that remains is DftlGrpPolicy. No change in behavior.
You're correct about that, GroupPolicy_vpn.contoso.com-anyconnect is set to inherit everything not otherwise specified. I've debated flattening the config to remove the contoso policy and use ONLY the DfltGrpPolicy (since it's not used elsewhere). ...
