12-09-2018 02:50 PM
Hi all,
Working through AnyConnect configuration and coming across two issues. A remote test PC cannot connect with error:
"The VPN connection was started by a remote desktop user whose remote console has been disconnected. It is presumed the VPN routing configuration is responsible for the remote console disconnect. The VPN connection has been disconnected to allow the remote console to connect again. A remote desktop user must wait 90 seconds after VPN establishment before disconnecting the remote console to avoid this condition."
I cannot see how this is a routing issue, any help would be appreciated.
Attached is sanitized config.
Note I can connect from the inside interface with no issues.
Thank you,
Steven
Solved! Go to Solution.
12-10-2018 06:03 AM
12-11-2018 11:55 AM
Hi JP,
Thank you for your help. So config looks like:
access-list <name> standard permit <InternalNetwork>
group-policy <AnyConnectGPName> attributes
split-tunnel-policy tunnelspecified
split-tunnel-network-list value <ACLName>
Thank you for pointing me in the right direction.
-Steven
12-10-2018 06:03 AM
12-10-2018 01:37 PM
Hi JP,
Yea this seems to be the issue. I tested a connection this morning from a PC that I was not remoting to. This showed that AnyConnect works but is not sending traffic out the local WAN as I expected.
I will go through the process of setting up split tunnel and confirm the fix.
Thank you,
Steven
12-11-2018 11:55 AM
Hi JP,
Thank you for your help. So config looks like:
access-list <name> standard permit <InternalNetwork>
group-policy <AnyConnectGPName> attributes
split-tunnel-policy tunnelspecified
split-tunnel-network-list value <ACLName>
Thank you for pointing me in the right direction.
-Steven
12-11-2018 11:56 AM
Hi JP,
Thank you for your help. So config looks like:
access-list <name> standard permit <InternalNetwork>
group-policy <AnyConnectGPName> attributes
split-tunnel-policy tunnelspecified
split-tunnel-network-list value <ACLName>
Thank you for pointing me in the right direction.
-Steven
10-10-2019 04:33 AM
Hello GP,
I have the same issue, we have a tunnel all policy for our clients and i am facing this issue with one client.
Could you please provide explanation why this is happening?
In the anyconnect client profile i selected " Allow Remote Users".
Is there any other workaround because i don't want to change the policy just for one person.
anyconnect version: 4.6.00362
Please advise
10-11-2023 02:35 PM
I have the "AllowRemoteUsers" feature enabled on the VPN profile but I'm still receiving the same error message.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide