Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
178794
Views
6
Helpful
15
Replies

secure Gateway has rejected the connection

Go to solution
james.king14
Level 1
Level 1

‎12-23-2015 09:34 AM

Having an issue with VPN sending this back to endusers.  Have changed the Cert-Map and other things but still get this message.  Here is a copy of CLI of errors, and configuration.

the exact error is :

The secure gateway has rejected the connection attempt.  A new connection attempt to the same or another secure gateway is needed, which requires re-authentication.  The following message was received from the secure gateway:  No assigned address

tunnel-group SRHVPN type remote-access
tunnel-group SRHVPN general-attributes
 address-pool (outside) SRHVPN
 address-pool SRHVPN
 default-group-policy GroupPolicy_SRHVPN
 dhcp-server 10.10.10.253
tunnel-group SRHVPN webvpn-attributes
 authentication certificate
 group-alias SRHVPN enable
tunnel-group-map enable rules
tunnel-group-map default-group SRHVPN
webvpn
 enable outside
 anyconnect image disk0:/anyconnect-win-4.2.01022-k9.pkg 2
 anyconnect image disk0:/anyconnect-macosx-i386-4.2.01022-k9.pkg 3
 anyconnect profiles SRHVPN_client_profile disk0:/SRHVPN_client_profile.xml
webvpn_file_encoding.c:webvpn_get_file_encoding_db_first[68]
 anyconnect enable
 tunnel-group-list enable
 tunnel-group-preference group-url
 certificate-group-map CERT-MAP 10 SRHVPN
 application-type citrix-receiver default tunnel-group SRHVPN
group-policy DfltGrpPolicy attributes
 vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client ssl-clientless
 default-domain value sr.vpn.donot.ts
group-policy GroupPolicy_SRHVPN internal
group-policy GroupPolicy_SRHVPN attributes
 wins-server value 10.10.10.253
 dns-server value 10.10.10.252
 vpn-simultaneous-logins 3
 vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client ssl-clientless
 default-domain value sr.vpn.donot.ts
 address-pools value SRHVPN

6 people had this problem
Labels:
Preview file
1431 KB
Preview file
8 KB
0 Helpful
15 Replies 15

Go to solution
Florin Barhala
Level 6
Level 6

‎12-19-2020 10:19 AM - edited ‎12-19-2020 10:19 AM

Hello,

I also encountered this error while I was not using any DHCP server on the tunnel group.

What helped me was this command:

vpn01# show ip local pool POOL_VPN_224
Begin End Mask Free Held In use
10.22.11.224 10.22.11.239 255.255.255.240 12 0 4

 

So what does this command tells me is that from the 16 IPs of the pool 4 are taken and 12 free.

Use it and check accordingly.

 

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents