Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
683
Views
0
Helpful
1
Replies

After migration to ASA-X anyconnect is not working

QW_netzwerk
Level 1
Level 1

‎02-07-2015 02:35 AM - edited ‎02-21-2020 08:04 PM

Hello There,

 

We have migrated from ASA 5520 to new ASA 5525-X Series. The configuration is identical with the older one. The Certificate is transferred as well. Anyconnect essentials license has been bought. But now all are working except Anyconnect VPN client users. When I try to login from phone where anyconnect software was installed showing at the client side the message "Login Denied, unauthorized connection mechanism, contact your administrator". From the firewall log I don't see any specific error that I can follow to troubleshoot. But when I am trying to login from a new device where I didn't install the anyconnect client I get the Message from client side "" and from the firewall log "Session terminated: SVC not enabled for the user".

 

The firewall has enabled the webvpn on the outside/Internet interface.

webvpn
 enable wlan_extern
 enable internet
 anyconnect-essentials
 anyconnect image disk0:/anyconnect-win-3.1.01065-k9.pkg 1
 anyconnect image disk0:/anyconnect-macosx-i386-2.5.2014-k9.pkg 2
 anyconnect image disk0:/anyconnect-linux-2.5.2014-k9.pkg 3
 anyconnect image disk0:/anyconnect-macosx-i386-3.1.04072-k9.pkg 4
 anyconnect image disk0:/anyconnect-win-3.1.05170-k9.pkg 5
 anyconnect image disk0:/anyconnect-macosx-i386-3.1.05160-k9.pkg 6
 anyconnect image disk0:/anyconnect-win-3.1.05170-k9.pkg 7
 anyconnect image disk0:/anyconnect-linux-3.1.05182-k9.pkg 8
 anyconnect profiles Quarzwerke disk0:/quarzweke.xml
 anyconnect enable

 

ASA license version:


Licensed features for this platform:
Maximum Physical Interfaces       : Unlimited      perpetual
Maximum VLANs                          : 200            perpetual
Inside Hosts                                  : Unlimited      perpetual
Failover                                         : Active/Active  perpetual
Encryption-DES                            : Enabled        perpetual
Encryption-3DES-AES                  : Enabled        perpetual
Security Contexts                          : 2              perpetual
GTP/GPRS                                    : Disabled       perpetual
AnyConnect Premium Peers         : 2              perpetual
AnyConnect Essentials                 : 750            perpetual
Other VPN Peers                          : 750            perpetual
Total VPN Peers                           : 750            perpetual
Shared License                             : Disabled       perpetual
AnyConnect for Mobile                 : Enabled        perpetual
AnyConnect for Cisco VPN Phone    : Disabled       perpetual
Advanced Endpoint Assessment      : Disabled       perpetual
UC Phone Proxy Sessions               : 2              perpetual
Total UC Proxy Sessions                 : 2              perpetual
Botnet Traffic Filter                          : Disabled       perpetual
Intercompany Media Engine           : Disabled       perpetual
IPS Module                                     : Disabled       perpetual
Cluster                                            : Enabled        perpetual
Cluster Members                            : 2              perpetual

This platform has an ASA5525 VPN Premium license.

Any kind of help will be greatly appreciated.

Zaman

Labels:
0 Helpful
1 Reply 1

QW_netzwerk
Level 1
Level 1

‎02-07-2015 04:25 AM

I found the configuration Problem. In the DAP profile the attribute and value was missing. Now it is working without any issue.

Thanks

Zaman 

0 Helpful
Customers Also Viewed These Support Documents