Hi

looking for help on anyconnect ! any ideas appreciated - thank you

I am trying to setup an anyconnect IKEv2 service. I have installed

asa9.17

anyconnect mobility client 3.1.141018-pre-deploy-k9  at a windows 7 machine

I have a self signed certificate for now.

I am NOT using SSL and am pre-loading the client ,

The client reports "the vpn server is not enabled " ... although it does seem to pick up the certificate .

The asa reports : May 17 2017 10:04:54: %ASA-4-722050: Group <GroupPolicy_AnyconnectConnprofile> User <bob> IP <9x.x.x.x session terminated SVC not enabled for user.

I used the adsm to configure the anyconnect profile.

Partial asa config:

ip local pool AnyConnectNetworkPool 172.29.24.5-172.29.24.10 mask 255.255.255.0

crypto ikev2 enable outside client-services port 443
crypto ikev2 remote-access trustpoint ASDM_TrustPoint0

webvpn
 anyconnect image disk0:/anyconnect-win-2.1.0148-k9.pkg 1
 anyconnect profiles AnyconnectConnprofile_client_profile disk0:/AnyconnectConnprofile_client_profile.xml
 anyconnect enable
 tunnel-group-list enable
 cache       
  disable

group-policy GroupPolicy_AnyconnectConnprofile internal
group-policy GroupPolicy_AnyconnectConnprofile attributes
 wins-server none
 dns-server value 10.1.1.1 10.1.1.2
 default-domain value blah.co.uk

vpn-tunnel-protocol ikev2

 webvpn
  anyconnect profiles value AnyconnectConnprofile_client_profile type user
group-policy GroupPolicy1 internal
group-policy GroupPolicy1 attributes
 vpn-tunnel-protocol ikev1 l2tp-ipsec

username bob password DFuQvmadeup ted privilege 15

tunnel-group AnyconnectConnprofile type remote-access
tunnel-group AnyconnectConnprofile general-attributes
 address-pool AnyConnectNetworkPool
 default-group-policy GroupPolicy_AnyconnectConnprofile
tunnel-group AnyconnectConnprofile webvpn-attributes
 group-alias AnyconnectConnprofile enable