We have a user who has been using the old IPSec VPN client. We've recently upgraded to a Firepower, and we've attempted to move this user over to AnyConnect. The old IPSec client was removed and AnyConnect was upgraded. The AnyConnect client establishes the VPN connection fine, the routes look OK, but he can't make a connection to any servers.
When I set up a capture on the Firepower, traffic from his machine is leaving on 500/udp and is destined to the server he's trying to ping on 500/udp. Same on telnet - both source and destination ports show 500/udp.
He reset the TCP/IP stack on his system and rebooted, but the same behavior is observed. I can use his credentials on another laptop, and everything works fine. The Windows built-in L2TP over IPSec isn't configured. Any ideas what I might try? Thanks.
Thanks Mohammed for your input. Unless there is something really odd, there are no other VPN clients on the machine. I also noticed two AVs on his machine: BitDefender and Symantec. BitDefender uninstalled no problem, but Symantec threw an error, so that is still installed. We'll try to get that installed today and see if that helps. Take care.
I'm relatively new to the organization, and I found out today that there is a group policy that forces all users to connect to this server via a VPN tunnel. The problem is still being worked, but I at least have enough information to continue troubleshooting.