05-03-2013 11:41 AM - edited 02-21-2020 06:52 PM
Hello Everybody,
I´m facing to one problem
i have an ASA 5510 version 8.4
i have upgraded since 3 days the anyconnect version to Anyconnect 3.1
Here is my license :
VPN-DES : Enabled perpetual
VPN-3DES-AES : Enabled perpetual
Security Contexts : 0 perpetual
GTP/GPRS : Disabled perpetual
AnyConnect Premium Peers : 50 perpetual
AnyConnect Essentials : Disabled perpetual
Other VPN Peers : 250 perpetual
Total VPN Peers : 250 perpetual
Shared License : Disabled perpetual
AnyConnect for Mobile : Disabled perpetual
AnyConnect for Cisco VPN Phone : Disabled perpetual
Advanced Endpoint Assessment : Disabled perpetual
UC Phone Proxy Sessions : 2 perpetual
Total UC Proxy Sessions : 2 perpetual
Botnet Traffic Filter : Disabled perpetual
Intercompany Media Engine : Disabled perpetual
Everything was working fine on my client user , when they vpn with the new application : "anyconnect vers 3.1"
Now , noone are able to connect via VPN , it appear on message when try to vpn :
" The service Provider in your current location is restricting access to the Internet. You need to log on with the service provider before you can estabilish a vpn session"
Everything work fine , with my service Provider, have the last JAVA on my Laptop and here is is the Event viewer error :
Function: MsgCatalog::msgFormat File: .\i18n\MsgCatalog.cpp Line: 450 Invoked Function: FormatMessage Return Code: 3 (0x00000003) Description: The system cannot find the path specified.
Function: MsgCatalog::msgFormat File: .\i18n\MsgCatalog.cpp Line: 450 Invoked Function: FormatMessage Return Code: 3 (0x00000003) Description: The system cannot find the path specified.
Please someone can Help Me Fix this Probleme, Everything was working fine before ?
05-03-2013 12:56 PM
So if you open a web browser on the machine trying to connect from and go to https://your_vpn_host what happens? Do you get a login prompt in the browser?
05-03-2013 01:01 PM
Yes when i use the Web Browser i´able to open the vpn,login , without any problem .
Also when i go the anyconnect plugin on my ssl web page, click on Start, it start and connect the client software on my laptop.
I realy confuse, why i have to go to the browser for make the client application work on my laptop? It suppose to work without the http web page ? How can i fix that ?
Thank you for you assistance !
05-04-2013 07:35 AM
Captive Portal Hotspot Detection and Remediation Requirements
Support for both captive portal detection and remediation requires one of the following licenses:
•AnyConnect Premium (SSL VPN Edition)
•Cisco AnyConnect Secure Mobility
You can use a Cisco AnyConnect Secure Mobility license to provide support for captive portal detection and remediation in combination with either an AnyConnect Essentials or an AnyConnect Premium license.
Captive portal detection and remediation support only computers running Microsoft Windows 7, Windows Vista, or Windows XP and Mac OS X 10.5,10.6, and 10.7.
Captive Portal Hotspot Detection
AnyConnect displays the "Unable to contact VPN server" message on the GUI if it cannot connect, regardless of the cause. VPN server specifies the secure gateway. If always-on is enabled, and a captive portal is not present, the client continues to attempt to connect to the VPN and updates the status message accordingly.
If always-on VPN is enabled, the connect failure policy is closed, captive portal remediation is disabled, and AnyConnect detects the presence of a captive portal, the AnyConnect GUI displays the following message once per connection and once per reconnect:
The service provider in your current location is restricting access to the Internet.
The AnyConnect protection settings must be lowered for you to log on with the service
provider. Your current enterprise security policy does not allow this.
If AnyConnect detects the presence of a captive portal and the AnyConnect configuration differs from that described above, the AnyConnect GUI displays the following message once per connection and once per reconnect:
The service provider in your current location is restricting access to the Internet. You need to log on with the service provider before you can establish a VPN session. You can try this by visiting any website with your browser.
Captive portal detection is enabled by default, and is non-configurable.
AnyConnect does not modify any browser configuration settings during Captive Portal detection.
Jatin Katyal
- Do rate helpful posts -
05-04-2013 05:28 PM
HI thank you for your answer
I have a
AnyConnect Premium Peers : 50 licesne enabled
so it mean that i can support both captive portal and remedation requirements!
so my question is as, i can´t realy fix this problem by turn it off this option. The previous version of anyconnect never give me this message error, there is no way for me to use just the client application , i always have to start the application by first go to the web page of my gateway, authenticate an then start the anyconnect plugin ?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide