12-23-2015 09:34 AM
Having an issue with VPN sending this back to endusers. Have changed the Cert-Map and other things but still get this message. Here is a copy of CLI of errors, and configuration.
the exact error is :
The secure gateway has rejected the connection attempt. A new connection attempt to the same or another secure gateway is needed, which requires re-authentication. The following message was received from the secure gateway: No assigned address
tunnel-group SRHVPN type remote-access
tunnel-group SRHVPN general-attributes
address-pool (outside) SRHVPN
address-pool SRHVPN
default-group-policy GroupPolicy_SRHVPN
dhcp-server 10.10.10.253
tunnel-group SRHVPN webvpn-attributes
authentication certificate
group-alias SRHVPN enable
tunnel-group-map enable rules
tunnel-group-map default-group SRHVPN
webvpn
enable outside
anyconnect image disk0:/anyconnect-win-4.2.01022-k9.pkg 2
anyconnect image disk0:/anyconnect-macosx-i386-4.2.01022-k9.pkg 3
anyconnect profiles SRHVPN_client_profile disk0:/SRHVPN_client_profile.xml
webvpn_file_encoding.c:webvpn_get_file_encoding_db_first[68]
anyconnect enable
tunnel-group-list enable
tunnel-group-preference group-url
certificate-group-map CERT-MAP 10 SRHVPN
application-type citrix-receiver default tunnel-group SRHVPN
group-policy DfltGrpPolicy attributes
vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client ssl-clientless
default-domain value sr.vpn.donot.ts
group-policy GroupPolicy_SRHVPN internal
group-policy GroupPolicy_SRHVPN attributes
wins-server value 10.10.10.253
dns-server value 10.10.10.252
vpn-simultaneous-logins 3
vpn-tunnel-protocol ikev1 ikev2 l2tp-ipsec ssl-client ssl-clientless
default-domain value sr.vpn.donot.ts
address-pools value SRHVPN
Solved! Go to Solution.
12-19-2020 10:19 AM - edited 12-19-2020 10:19 AM
Hello,
I also encountered this error while I was not using any DHCP server on the tunnel group.
What helped me was this command:
vpn01# show ip local pool POOL_VPN_224
Begin End Mask Free Held In use
10.22.11.224 10.22.11.239 255.255.255.240 12 0 4
So what does this command tells me is that from the 16 IPs of the pool 4 are taken and 12 free.
Use it and check accordingly.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: