I have AnyConnect (ver 3.1.01065) configured on Cisco router 891. VPN is working fine from the desktop, but I also need the ability to establish a VPN connection through a RDP connection (i.e. I'm using RDP to connect to a PC which has AnyConnect installed on, then trying to establish a VPN connection). OS Windows 7 SP1 x86.
I've read about changing some settings in profile file (changed the <WindowsVPNEstablishment> option to "AllowRemoteUsers". Then applied the profile to the relevant Group Policy. Connected VPN from the PC (not through RDP), so that it downloads the new profile, and then disconnected again.):
But this make sense to the cisco asa... I have a cisco router on the ios 15.1. I've checked the XML file on the local PC to confirm the profile has been downloaded and is has, and I can't see the AllowRemoteUsers option.
So I still can't start VPN through an RDP connection. (Error is "VPN establishment capability from a remote desktop is disabled. A VPN connection will not be established".)
This also happened with the previous version of AnyConnect (2.5.xxxx).
The PC's local routing tables look fine, and I can't see any conflicts that would cause the RDP session to drop.
In the main window of Cisco anyconnect secure mobility client I\ve noticed label: Web Authentication required. Does configuration webvpn of the cisco IOS is need somthing changins maybe? But I dont know what...
Any ideas would be appreciated!
Сообщение отредактировал: Maxim Bezzubov
have the same problem, and could fix it.
Cisco 19XX Router and 15.2 IOS.
I create a profile with the profile editor. Good description can be found here http://www.petenetlive.com/KB/Article/0000546.htm
I upload the xml file to the router.
First copy from a tftp/ftp/... to the router flash
Import the profile on the router:
webvpn import svc profile newprofile flash:/profile1.xml
and assoc it to the corosponding context
On the client pc you don't need to do anything. Start Anyconnect, assoc to your vpn server, and check under
C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile (for wind 7) if the profile from router is downloaded.
Pls rate if helpful :-)