AnyConnect VPN Failed Login

chris.bias · ‎08-15-2022

We previously were able to log on to the AnyConnect Web Portal and the client but now no one is able to connect to the VPN. Nothing has changed and the ASA ASDM monitor shows the authentication going through but nothing is connecting. Any thoughts?

RachelGomez161999 · ‎08-15-2022

6 Ways to fix-

1. Reboot Your Computer
Sometimes, the simplest solutions are the best. Like many technical issues, the “VPN Authentication Failed” error can sometimes be solved by rebooting your device. This clears the memory cache and stops any code which isn’t working properly so the VPN can start fresh.

2. Disable Your Firewall
If you’re using a firewall, it could be blocking your VPN client. To find out whether this is the problem, you’ll need to temporarily disable your firewall to see if it fixes things. Make sure you disable both third-party and built-in firewalls (like the Windows Defender firewall). You’ll need to do this for public and private networks — this option should be in your firewall settings.

This isn’t a permanent solution and disabling your firewall can leave your computer vulnerable to security threats. If your firewall is the problem, you’ll need to adjust the settings or switch to a different firewall.

3. Try a Wired Connection
Sometimes, issues with your router can prevent the VPN from connecting properly. This isn’t common, but it does happen — especially if you’re using two linked routers. Try connecting to the router using an Ethernet cable instead of a wireless connection and see if it solves the issue.

If using two routers is causing problems, you can fix this by enabling bridge mode. The method for this varies between models, so check your router manual.

4. Use a Different VPN Protocol
With most VPNs, you have the option of choosing which IP protocol to use. The most common are TCP (Transmission Control Protocol) and UDP (User Datagram Protocol). The main difference is that TCP includes error correction, meaning it resends anything which gets corrupted or doesn’t arrive due to connection issues. Because UDP doesn’t do this, it’s faster but can be less reliable.

Switching between protocols could solve the “VPN Authentication Failed” error by speeding up your connection, especially if you go from TCP to UDP. You’ll find this option in Settings in your VPN app. Take note that the quality of your connection may decrease if you switch protocols.

5. Try an Alternate DNS Server
By default, your VPN client will probably use your VPN provider’s DNS servers. This reduces the risk of DNS leaks, but it sometimes causes connection issues. To test whether this is the problem, try using other DNS servers. In your VPN app Settings, you’ll need to turn off the “Only use VPN DNS servers” option. Bear in mind that this may slightly increase the risk of DNS leaks.

6. Try a Different WiFi Network
If none of the previous solutions worked for you, the problem may be with your WiFi network. To see if this is the case, try using the VPN at a public WiFi hotspot or a friend’s house. If the VPN works on these other networks, yours may be the problem. Take a look at your Internet and WiFi settings and try to spot what’s causing issues with your VPN.

Greeting,

Rachel Gomez

mvattigu · ‎08-16-2022

What is the version of AnyConnect configured on ASA ? Modern browsers no longer support ActiveX, Java plugins and might be the reason why the VPN connections can no longer be established from the web portal. From AnyConnect admin guide -

"Automatic provisioning (Weblaunch) works on Windows operating systems with Internet Explorer browsers only."

When AnyConnect detects other browsers, it should display link to download AnyConnect and will not allow to establish VPN connection.