Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
565
Views
0
Helpful
2
Replies

VPN fails in Anyconnect IKEV2 remote access with local authentication

Rajesh11735
Level 1
Level 1

‎03-24-2023 01:02 PM

Hey guys, 

I am trying to setup a Anyconnect IKEV2 VPN by following the below link. I am attaching the debug log and the router config (includes tested config changes). I am using the router's self signed cert and also changed the BypassDownloader option to "true". Used smart defaults as well as specific IKEV2 proposals but didnt work. I am getting the error: The VPN Client failed to establish a connection. Please check and suggest a solution.

Thanks in advance!

https://www.cisco.com/c/en/us/support/docs/security/flexvpn/200555-FlexVPN-AnyConnect-IKEv2-Remote-Access.html

Labels:
Preview file
13 KB
Preview file
28 KB
Preview file
133 KB
0 Helpful
2 Replies 2

Rob Ingram
VIP
VIP

‎03-24-2023 01:11 PM

@Rajesh11735 from the link you provided.....

Authenticating and Authorizating users using the Local Database

Note: In order to authenticate users against the local database on the router, EAP needs to be used. However, in order to use EAP, the local authentication method has to be rsa-sig, so the router needs a proper certificate installed on it, and it can't be a self-signed certificate.

0 Helpful

Rajesh11735
Level 1
Level 1

‎03-24-2023 01:36 PM

Thanks for the quick response, Rob! I will check on this and get back here with the results. 

0 Helpful
Customers Also Viewed These Support Documents