12-23-2015 09:34 AM
Having an issue with VPN sending this back to endusers. Have changed the Cert-Map and other things but still get this message. Here is a copy of CLI of errors, and configuration.
the exact error is :
The secure gateway has rejected the connection attempt. A new connection attempt to the same or another secure gateway is needed, which requires re-authentication. The following message was received from the secure gateway: No assigned address
tunnel-group SRHVPN type remote-access
tunnel-group SRHVPN general-attributes
address-pool (outside) SRHVPN
address-pool SRHVPN
default-group-policy GroupPolicy_SRHVPN
dhcp-server 10.10.10.253
tunnel-group SRHVPN webvpn-attributes
authentication certificate
group-alias SRHVPN enable
tunnel-group-map enable rules
tunnel-group-map default-group SRHVPN
webvpn
enable outside
anyconnect image disk0:/anyconnect-win-4.2.01022-k9.pkg 2
anyconnect image disk0:/anyconnect-macosx-i386-4.2.01022-k9.pkg 3
anyconnect profiles SRHVPN_client_profile disk0:/SRHVPN_client_profile.xml
webvpn_file_encoding.c:webvpn_get_file_encoding_db_first[68]
anyconnect enable
tunnel-group-list enable
tunnel-group-preference group-url
certificate-group-map CERT-MAP 10 SRHVPN
application-type citrix-receiver default tunnel-group SRHVPN
group-policy DfltGrpPolicy attributes
vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client ssl-clientless
default-domain value sr.vpn.donot.ts
group-policy GroupPolicy_SRHVPN internal
group-policy GroupPolicy_SRHVPN attributes
wins-server value 10.10.10.253
dns-server value 10.10.10.252
vpn-simultaneous-logins 3
vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client ssl-clientless
default-domain value sr.vpn.donot.ts
address-pools value SRHVPN
Solved! Go to Solution.
12-19-2020 10:19 AM - edited 12-19-2020 10:19 AM
Hello,
I also encountered this error while I was not using any DHCP server on the tunnel group.
What helped me was this command:
vpn01# show ip local pool POOL_VPN_224
Begin End Mask Free Held In use
10.22.11.224 10.22.11.239 255.255.255.240 12 0 4
So what does this command tells me is that from the 16 IPs of the pool 4 are taken and 12 free.
Use it and check accordingly.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide