02-17-2011 07:15 AM - edited 02-21-2020 05:10 PM
I just upgraded our firewall from 8.23 to 8.32
for full Windows 7 IE8 support with the SSL Clientless VPN connection. I have a problem with users when they try and connect over a Verizon air-card. At first it functions normally, then the user gets kicked and the message below appears.
The service provider in your current location is restricting access to the Internet. You need to log on with the service provider before you can establish a VPN session. You can try this by visiting any website with your browser.
Any direction would be much appreciated, this just started happening after the upgrade. I attahced the output.
02-17-2011 07:33 AM
Many facilities that offer Wi-Fi and wired access, such as airports, coffee shops, and hotels, require the user to pay before obtaining access, agree to abide by an acceptable use policy, or both. These facilities use a technique called captive portal to prevent applications from connecting until the user opens a browser and accepts the conditions for access.
AnyConnect displays the Unable to contact VPN server message on the GUI if it cannot connect, regardless of the cause. If a captive portal is not present, AnyConnect continues to attempt to connect to the VPN and updates the status message accordingly.
If always-on VPN is enabled, the connect failure policy is closed, captive portal remediation is disabled, and AnyConnect detects the presence of a captive portal, the AnyConnect GUI displays the following message once per connection and once per reconnect:
The service provider in your current location is restricting access to the Internet.
The AnyConnect protection settings must be lowered for you to log on with the service
provider. Your current enterprise security policy does not allow this.
If AnyConnect detects the presence of a captive portal and the AnyConnect configuration differs from that described above, the AnyConnect GUI displays the following message once per connection and once per reconnect:
The service provider in your current location is restricting access to the Internet.
You need to log on with the service provider before you can establish a VPN session.
You can try this by visiting any website with your browser.
You can check the following links for reference:-
I hope it helps.
11-13-2012 12:43 AM
its an old topic but FYI
I had a similar issue (8.4.5, anyconnect 3.1). On our site we don't have any captive portal but still the same message was being displayed. AnyConnect clients were connecting to port 4443, I changed it to normal https and everything started to work ok.
regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide