cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
2051
Views
0
Helpful
4
Replies
BVC
Beginner
Beginner

Anyconnect user can't login

I have configured the asa firewall with the client based Anyconnect vpn. Currently it has a number of users that are using it completely find with no issues at all. I've been trying to add this new user to the VPN but it won't let him login. He has the correct ID certificate and has the correct login details but anyconnect won't let him login in successfully. I've uninstalled and downloaded the anyconnect client and his user ID certificate multiple times on his machine to see if these were the issue but the result is still the same

 

Every time he tries to login it seems like he has logged in successfully (the log shows that he logs in for a few seconds) but then it kicks him out and displays two errors, I've attached both. I've downloaded his ID certificate onto my corporate laptop and can log into the vpn using his AD credentials so I'm positive this is something to do with his local machine, not the firewall or anyconnect config. The firewall displays a few errors I haven't seen before. I've also attached the firewall log that shows what happens. The error stands out the most to me is, 

 

SVC Message: 16/ERROR: Initialization failure (mem alloc failed, etc.).. 

 

Any help or advice is much appreciated as I can't find anything on any of the errors I'm encountering. 

4 REPLIES 4
Cristian Matei
Collaborator

Hi,

 

   I looked through the logs, before that error appears, the remote user/AnyConect disconnects the session, so the message you're saying, like mom alloc fails, it's normal, as the ASA was reserving resources but it failed as the client disconnected. What i would do is the following:

         - uninstall AnyConnect from the end device, delete all necessary files from "Program Files" and "User", reboot and reinstall it, ensure it's the same version which works on other devices; see if it works, if not, proceed to next step

        - ensure to disable IPv6 from the NIC's of that endpoint, and ensure there are no other firewall clients, VPN agents, antivirus agents which may affect functionality; see if that endpoint has such software running, which could affect functionality; if it doesn't work proceed to next step

       - use DART to collect the agent logs and post it here, see here

 

Regards,

Cristian Matei.

        

Hello Cristian,

Doesn't the session disconnect after the mom alloc fails message as the disconnect syslog message appears on line 13? This message appears after all the error and group policy syslog messages.

Regards,

Ben

Hi,

 

   Here's how i interpret the relevant logs:

 

Session gets reseted by remote client, see the RESET-I

6|Mar 18 2020|17:26:18|302013|USER INTERNET IP ADDRESS|61993|ANYCONNECT IP ADDRESS|678|Built inbound TCP connection 96 for outside:USER INTERNET IP ADDRESS/61993 (USER INTERNET IP ADDRESS/61993) to identity:ANYCONNECT IP ADDRESS/678 (ANYCONNECT IP ADDRESS/678)

6|Mar 18 2020|17:26:18|302014|USER INTERNET IP ADDRESS|61992|ANYCONNECT IP ADDRESS|678|Teardown TCP connection 95 for outside:USER INTERNET IP ADDRESS/61992 to identity:ANYCONNECT IP ADDRESS/678 duration 0:00:00 bytes 11011 TCP Reset-I

 

The ASA tries to close the socket gracefully

6|Mar 18 2020|17:26:18|722023|||||Group <GroupPolicy_SSL_Connect> User <user_name> IP <USER INTERNET IP ADDRESS> TCP SVC connection terminated without compression

6|Mar 18 2020|17:26:18|725007|USER INTERNET IP ADDRESS|61992|||SSL session with client outside:USER INTERNET IP ADDRESS/61992 to ANYCONNECT IP ADDRESS/678 terminated

 

 

Trying to free resources it was about to allocate, but was caught in the middle and it gives an explanation  that some didn't even had the chance to be allocated; i see the last error message, in red, as generic, ASA saying, look above, some things went wrong, so i got an exception, i gotta ged rid of it succesffuly so i log something to close everything up

Mar 18 2020|17:26:18|737016|||||IPAA: Session=0x08b62000, Freeing local pool address 192.168.5.201

4|Mar 18 2020|17:26:18|113019|||||Group = SSL_Connect, Username = user_name, IP = USER INTERNET IP ADDRESS, Session disconnected. Session Type: AnyConnect-Parent, Duration: 0h:00m:07s, Bytes xmt: 17336, Bytes rcv: 0, Reason: User Requested

6|Mar 18 2020|17:26:18|716002|||||Group <GroupPolicy_SSL_Connect> User <user_name> IP <USER INTERNET IP ADDRESS> WebVPN session terminated: User Requested.

4|Mar 18 2020|17:26:18|722037|||||Group <GroupPolicy_SSL_Connect> User <user_name> IP <USER INTERNET IP ADDRESS> SVC closing connection: User Requested.

5|Mar 18 2020|17:26:18|722010|||||Group <GroupPolicy_SSL_Connect> User <user_name> IP <USER INTERNET IP ADDRESS> SVC Message: 16/ERROR: Initialization failure (mem alloc failed, etc.)..

   

 

Regards,

Cristian Matei.

Pavel_k8
Beginner

Hi, we had recently the same Problem with same Message.

The following solution helped us: Link to technet.microsoft.com 

Solution: RegKey Computer\HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\vpnva\DisplayName

Change Value to "Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64"

AnyConnect can now connect again.

Regards,

Pavel.

Create
Recognize Your Peers
Content for Community-Ad