03-07-2016 04:59 PM - edited 02-21-2020 08:43 PM
I am using Anyconnect (ver. 4.2.02075).
VPN is working from desktop, but doesn't work through RDP connection.
In the XML file the following settings about remote session was changed to:
<WindowsLogonEnforcement>
<WindowsVPNEstablishment>
but anyconnect doesn't work: error "VPN establishment capability from a remote desktop is disabled. A VPN connection will not be established."
Can you help with this issue?
Thank you!
 
					
				
		
03-07-2016 05:54 PM
Hi wm2680001,
Please configure the 
This will allow the VPN sessions to be originated from remote machines as well.
For future reference:-
http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect30/administration/guide/anyconnectadmin30/ac13vpnxmlref.html#40060
This change would have to be done on the ASA since whenever you try to connect again with the modified policy, it gets updated by the policy pushed 
Please have your ASA configured for the mentioned setting so that it can be pushed from the firewall to all the clients.
Regards,
Dinesh Moudgil
P.S. Please rate helpful posts.
03-07-2016 06:30 PM
Hi Dinesh,
You're saying if it isn't done on the ASA, just locally on the machine, the modified policy won't take hold? Is there any possible way to do it just locally and have something that calls a modified profile xml file (which is what I did locally) on the local machine instead of getting it pushed from the ASA?
Thank you
 
					
				
		
03-07-2016 06:53 PM
Hi wm2680001
The issue is every time client connects to VPN headend, it tries to fetch and confirm if there were any updates to the 
Optionally, if you don't want all the users to get that option, you can create a separate 
Regards,
Dinesh Moudgil
P.S. Please rate helpful posts.
09-26-2016 08:41 AM
Having the same problem, and not exactly sure where I can find the anyconnect profile (.xml) file. I tried under "C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client" and updated a file called "AnyConnectLocalPolicy.xml".. but I still cannot connect.
I also do not see any attaced snippet.
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide