A lot of users recently have been reporting "Login Failed" error with no details when they try to connect with their AnyConnect client. When I check the ASA logs, it reports that the username/password was incorrect. These VPN accounts are linked to the user's AD accounts so when I reset the password to their AD accounts, the issue is resolved and they are finally able to log in with their AnyConnect client.
Why are they getting an incorrect password error to begin with though? They don't change their passwords and we don't have a password expiration policy.
I would look to AD to the additional details tab to see if their incorrect login attempts count increases, indicating they are typing the wrong password to begin with. You could also look at security logs on your domain controller for event ID 4625 so see if there are also any incorrect login attempts by that user. We've seen an increase in this as we send more staff home to work as well. Just nervous employees working from home I think.
We've seen this problem too and it's not users entering the wrong password. One day the login succeeds and the next day it fails. We fix it by setting the password in AD to exactly what it was and magically VPN connects. It happened sporadically in the past but seems to be increasing in regularity.
Same here. This is happening daily for the past week. My co-worker backed up and then powered off the ASA and when he brought it back up, we could log on. I thought perhaps the end user didn't have their password correct, but then I had the issue as did my co-workers.
We also use our AD username/passwords for AnyConnect. Since the password is correct (or everyone suddenly doesn't know their password), any recommendations?
Hello All, Recently I got an opportunity to perform POC with Cisco ISE (2.7 Patch 4) and Aruba Wireless AP (IAP) to perform 802.1x EAP-FAST (machine + user) authentication followed by Posture Assessment on Windows 10 Machines (installed with AnyConnect 4....
Hello All, Recently I got an opportunity to perform POC with Cisco ISE (2.7 Patch 4) and Juniper EX 2300 switch to perform 802.1x EAP-FAST (machine + user) authentication followed by Posture Assessment on Windows 10 Machines (installed with AnyConnec...
At the core of the new Firewall Threat Defense (FTD) software version 7.x, Snort 3 provides faster and superior threat protection and performance, includes better SecureX integration so SecOPS teams can quickly pivot and correlate events from multiple pr...
This article describes the set of logs that can be verified related to SI feeds, starting from configuring to periodic updates.
The information in this document is based on Cisco FMC and FTD that runs software Version 6.6.5 or later.
pxGrid Integration with Cisco StealthWatch using Microsoft CAObjectiveThis blog will help the readers to configure their Cisco StealthWatch (7.X) and Cisco ISE appliance over pxGrid. What is pxGrid?Cisco pxGrid provides a unified framework that enabl...