10-09-2024 12:45 AM
Hello Experts ,
I have a weird issue with my ASA , i configured two connection profiles X and Y , both have exact same config , the only difference is the name , when trying to connect to profile X anyconnect will work , however when trying to connect to profile Y am getting login denied (as attached) , and when i enabled some debugs am getting just below :
Oct 08 2024 17:25:07: %ASA-6-725007: SSL session with client OUTSIDE:x.x.x.x/13305 to y.y.y.y/443 terminated
10-09-2024 01:35 AM
This can happened if you use group-lock' can yoh check your config for this
MHM
10-09-2024 02:10 AM
@HMHMHM thanks for your reply , below are the group policy config for both tunnels group and there is no group lock :
group-policy ISEGroupPolicy internal
group-policy ISEGroupPolicy attributes
wins-server none
dns-server value x.x.x.x
vpn-simultaneous-logins 3
vpn-tunnel-protocol ssl-client
split-tunnel-policy tunnelspecified
split-tunnel-network-list value test
default-domain value x.com
split-tunnel-all-dns enable
webvpn
anyconnect mtu 1200
anyconnect profiles value test-tunnel type user
always-on-vpn profile-setting
10-09-2024 04:02 AM
debug webvpn anyconnect 255 <<- run this debug when try to access
MHM
10-09-2024 04:47 AM
10-09-2024 10:00 AM
Issue has been fixed , and it was due to a conflict in DAP records , thank you
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide