08-23-2011 09:29 AM
This is a weird one.
I have one user that has started having issues with the anyconnect vpn client.
When he enters his username and password the client does not even attempt to contact the vpn server. I have watched my ASA logs and the IP address associated with his home device is not being logged on the firewall. Immediately after he enters his username/password he recieves "authentication failed." However, I can log in via vpn on the same machine through vpn without issues and the ip is logged in the firewall.
Even when he uses a machine for the first time, the anyconnect client will not even attempt to connect, but immediately goes to the authentication failed message. We tested this on a brand new laptop right out of the box. I installed the client and asked him to login. It did the exact same thing.
I have verified that his user credentials are not locked in AD, we are using kerberos for authentication and using anyconnect client 2.4.1012. This error persist across all OSes that we have tried.
Also, I forgot to add. He was able to connect yesterday morning without issues and worked for 4 hours. After he disconnected was when the problem began.
Any help would be greatly appreciated and if you need any further information please ask.
John
08-23-2011 05:47 PM
Hello, to me this sounds like a profile issue. With each of these machines before you have tested any connect did you have the user log on to the domain on that machine? Have you tried having another user that works logged in to the machine and then have the user that doesn't work try any connect? Have you tried him with a machine that has not logged onto domain? Have you tested his account on the ASA to see if he authenticates? Also, unrelated but version 3.0.3054 is out for anyconnect and is more secure.
Sent from Cisco Technical Support iPad App
09-22-2011 08:06 PM
Sounds like a policy issue on the ASA, try and enable debug aaa authentication, debug aaa radius and have the user having issues connect and look at the asa logs
Sent from Cisco Technical Support iPhone App
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide