11-08-2020 10:05 AM
Hi all,
I want to change my asa vpn dial-in to anyconnect ikev2. Because I cannot useASDM, I configured all manually. All seems to works fine up to this step:
08.11.2020
18:39:09 Contacting 172.16.10.1.
18:40:32 User credentials entered.
18:40:32 Establishing VPN session...
18:40:32 The AnyConnect Downloader is performing update checks...
18:40:32 Checking for profile updates...
18:40:34 Downloading AnyConnect VPN Profile - 100%
18:40:34 Checking for product updates...
18:40:34 Checking for customization updates...
18:40:34 Performing any required updates...
18:40:34 The AnyConnect Downloader updates have been completed.
18:40:40 Connection attempt has failed. <-----
I have to mention, that I created the xml profile with notepad+ editor
A look at the profile show that my profile was changed (?) from this:
<?xml version="1.0" encoding="UTF-8"?>
<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/">
<ClientInitialization>
<WindowsVPNEstablishment>AllowRemoteUsers</WindowsVPNEstablishment>
<WindowsLogonEnforcement>SingleLogon</WindowsLogonEnforcement>
</ClientInitialization>
<ServerList>
<HostEntry>
<HostName>my_name1</HostName>
<HostAddress>my.name.info</HostAddress>
<PrimaryProtocol>IPsec</PrimaryProtocol>
</HostEntry>
</ServerList>
</AnyConnectProfile>
to this (I saw in the notepad+ that all CR/LF where replace by LFs only !!!!!!!!!!
<?xml version="1.0" encoding="UTF-8"?><AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/">
<ClientInitialization>
<WindowsVPNEstablishment>AllowRemoteUsers</WindowsVPNEstablishment>
<WindowsLogonEnforcement>SingleLogon</WindowsLogonEnforcement>
</ClientInitialization>
<ServerList>
<HostEntry>
<HostName>myname</HostName>
<HostAddress>my.name.info</HostAddress>
<PrimaryProtocol>IPsec</PrimaryProtocol>
<HostEntry>
<ServerList>
</AnyConnectProfile>
A second try to dial in fails instantly. I have to mention, that I copy the *.xml profile manually via fat32 usb stick to the ASA. Copy firmware stuff with this stick directly via ASA USB Ports works w/o problems.
I'm not sure, but it seems that by copying manually, thee xml-profile gets corrupted?
Any ideas, what happens? My thx in advance.
Pete
Solved! Go to Solution.
11-23-2020 09:12 AM
Hi all,
I found a solution, copy the .xml file via FTP onto the ASA and it works.
Pete
11-23-2020 09:12 AM
Hi all,
I found a solution, copy the .xml file via FTP onto the ASA and it works.
Pete
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide