04-22-2015 06:16 AM - edited 02-21-2020 08:11 PM
Hi All,
I am using VPN (anyconnect-win-3.0.5080) to access the client server. While I connect the VPN from my local system, VPN connection is established successfully.
While I connect the VPN using RDC machine (AWS/Ec2 Amazon ), VPN connection is not established successfully. I am getting the following error,
1. AnyConnect was not able to establish a connection to the specified secure gateway. Please try connect again
2. VPN Capability from a Remote Desktop is disabled. VPN connection will not be established
I have tried the following solutions, but none of them are working.
Solution 1: Change the settings in the AnyConnectProfile.tmpl configuration file.
Solution 2: AnyConnect client profile needs to be created using ASDM.
Please help me to resolve this issue and connect the VPN from the staging server machine using RDC.
Please let me know if you need any additional details on this.
Thanks,
04-22-2015 12:52 PM
Hi Chetan,
Please configure the AnyConnect profile (.xml file) for "AllowRemoteUsers" as shown in the attached snippet.
This will allow the VPN sessions to be originated from remote machines as well.
For future reference:-
http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect30/administration/guide/anyconnectadmin30/ac13vpnxmlref.html#40060
Regards,
Dinesh Moudgil
P.S. Please rate helpful posts.
04-23-2015 12:41 AM
Hi Dinesh,
Thanks for the reply.
I have received the setup of AnyConnect from our client. After installation, in the following configuration file i.e. Contractor.xml (c:/ProgramData/Cisco/Cisco AnyConnect Secure Mobility Client/Profile), change the WindowsVPNEstablishment node value to “AllowRemoteUsers” instead of “LocalUsersOnly”.
I made the above-mentioned changes and tried to establish the VPN connection. After I attempted to connect the VPN, it throws the same message and the configuration which I changed from “LocalUsersOnly” to “AllowRemoteUsers” is revoked.
Am I missing something?
04-23-2015 04:46 AM
Hi Chetan,
This change would have to be done on the ASA since whenever you try to connect again with the modified policy, it gets updated by the policy pushed from the ASA and the changes are reverted.
Please have your client configure the mentioned change so that it can be pushed from the firewall to all the clients.
Regards,
Dinesh Moudgil
P.S. Please rate helpful posts.
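To confirm on the client whether the profile pushed from the ASA has overwritten a local edit, as described in the reply above, the following added example (not code from the thread's participants or from Cisco) lists each local profile's WindowsVPNEstablishment value and last write time. The function name is hypothetical, and the default directory is the one quoted in the thread.

```powershell
# Added example: report WindowsVPNEstablishment for every local AnyConnect profile.
# Default path is the profile directory quoted in the thread; override with -ProfileDir.
param(
    [string]$ProfileDir = 'C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile'
)

# Hypothetical helper name, introduced for this example only.
function Get-VpnEstablishmentSetting {
    param([Parameter(Mandatory)][System.IO.FileInfo]$File)

    $result = [ordered]@{
        Profile     = $File.Name
        LastWritten = $File.LastWriteTime   # changes when the gateway re-pushes the profile
        Value       = $null
        Note        = ''
    }
    $xml = New-Object System.Xml.XmlDocument
    try {
        $xml.Load($File.FullName)
        # local-name() matches the element whatever namespace the profile declares
        $node = $xml.SelectSingleNode("//*[local-name()='WindowsVPNEstablishment']")
        if ($null -ne $node) {
            $result.Value = $node.InnerText.Trim()
            if ($result.Value -ne 'AllowRemoteUsers') {
                $result.Note = 'remote (RDP) users cannot establish the VPN'
            }
        } else {
            $result.Note = 'element absent; the client default applies'
        }
    } catch {
        # A hand-edited profile that is no longer well-formed XML ends up here
        $result.Note = "unreadable profile: $($_.Exception.Message)"
    }
    [pscustomobject]$result
}

Get-ChildItem -Path $ProfileDir -Filter *.xml -File |
    ForEach-Object { Get-VpnEstablishmentSetting -File $_ } |
    Sort-Object LastWritten -Descending |
    Format-Table -AutoSize
```

Run it before and after a connection attempt: if LastWritten moves forward and Value returns to LocalUsersOnly, the profile held on the ASA is the one that needs changing.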
02-20-2016 09:42 AM
Thanks.
This is the content of the uploaded profile:
<?xml version="1.0" encoding="UTF-8"?>
<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/">
<ClientInitialization>
<WindowsVPNEstablishment>AllowRemoteUsers</WindowsVPNEstablishment>
</ClientInitialization>
</AnyConnectProfile>
I'm using AnyConnect 3.1.13015
Thanks
Guido