AnyConnect can't be established on AWS instance
10-07-2023 03:22 PM
Hello,
I am trying to create a VPN connection with the AnyConnect software from a Windows instance on AWS (Amazon), without success.
But I can establish the connection from my personal machine.
What could be the problem? Is there any parameterization I should do to establish the connection?
10-07-2023 06:07 PM
Hi agentelu,
Do you have any restrictive Security Groups associated? Those usually get me when I’m in AWS.
What sort of Error is AnyConnect throwing you? Can you see any connection (even Phase 1) made on the VPN Server?
If the above is OK then try and attempt a connection on AnyConnect - observe it fail then attach some logs of AnyConnect and we can take a look.
10-07-2023 06:27 PM
Hi WarHawk, thanks for your comment.
I'm just on the client side. I don't have server-side visibility because it is another company.
AnyConnect gives me the following error (two Windows errors):
"AnyConnect was not able to establish a connection to the specified secure gateway. Please try connecting again."
"VPN establishment capability for a remote user is disabled. A VPN connection will not be established"
Below is the message history in the AnyConnect log:
8/10/2023
01:16:24 Contacting server_site.
01:16:37 User credentials entered.
01:16:38 Establishing VPN session...
01:16:38 The AnyConnect Downloader is performing update checks...
01:16:38 Checking for profile updates...
01:16:38 Checking for product updates...
01:16:38 Establishing VPN - Initiating connection...
01:16:39 Establishing VPN session...
01:16:40 Connection attempt has failed.
01:16:40 VPN session ended.
01:16:40 Ready to connect.
10-07-2023 06:43 PM
Best thing you can try to do is modify the connection profile file that AnyConnect refers to when building the connection.
I’ve posted a blog post that I’ve used myself to get around this issue in the past. Have a read and give it a try if you want.
Failing that it might be worth reaching out (if you haven’t already) to the Support Team who look after the VPN Server.
10-07-2023 07:22 PM
Hello, thanks for your comment.
I followed your blog and followed the steps to change the XML file but unfortunately I couldn't find the file.
On Windows I don't have the "Profile" folder, I only have the path "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\"
In this directory I only have the folders:
-Install
-plugin
-res
Where can I find this file to edit?
Can we talk via chat?
10-07-2023 07:54 PM
Sorry, the folder was hidden; I had to enable hidden files and folders.
I found the file, but with the .xsd extension. Is it the same thing?
