08-19-2011 07:13 AM
I'm trying to get the phone VPN function working from a Cisco 7965 phone.
I can connect fine to the SSL VPN via a normal PC.
When I try from a phone, it tries to connect and returns with:
"VPN Authentication Failed"
yet, when I look on the ASA with "sh vpn-sessiondb anyconnect" I can see the phone has connected fine:
Username : fred Index : 17
Public IP : x.x.x.x
Protocol : AnyConnect-Parent
License : AnyConnect Premium, AnyConnect for Cisco VPN Phone
Encryption : AES128 Hashing : SHA1
Bytes Tx : 2417 Bytes Rx : 676
Group Policy : SSLClientPolicy Tunnel Group : SSLClientProfile
Login Time : 15:05:53 GMT/BDT Fri Aug 19 2011
Duration : 0h:00m:38s
Inactivity : 0h:00m:08s
NAC Result : Unknown
VLAN Mapping : N/A VLAN : none
Doing a "debug webvpn anyconnect 255", at the end shows:
CSTP state = CONNECTED
Any suggestions ?
Thanks,
GTG
08-30-2011 01:25 AM
Hi GTG,
What you are facing is really weired. Please go through the following doc and see if your phone is configured properly:-
https://supportforums.cisco.com/docs/DOC-9124
Please keep us posted.
Regards,
Sian
08-30-2011 01:42 AM
I found the problem: DTLS wasn't setup & working.
The "VPN Authentication Failed" message on the phone was a red-herring. (Gotta love useful error messages...)
GTG
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide