Jan 9, 2013![User User](/uploads/1/1/3/6/113630565/691229290.jpg)
See More Results
it's probably just me but I have tried real hard to get a simple AnyConnect setup working in a lab environment on my ASA 5505 at home, without luck. When I connect with the AnyConnect client I get the error message 'User not authorized for AnyConnect Client access, contact your administrator'. I have searched for this error and tried some of the few solutions out there, but to no avail. I also updated the ASA from 8.4.4(1) to 9.1(1) and ASDM from 6.4(9) to 7.1(1) but still the same problem.
The setup of the ASA is straight forward, directly connected to the Internet with a 10.0.1.0 / 24 subnet on the inside and an address pool of 10.0.2.0 / 24 to assign to the VPN clients. Please note that due to ISP restrictions, I'm using port 44455 instead of 443. I had AnyConnect working with the SSL portal, but IKEv2 IPsec is giving me a headache. I have stripped down certificate authentication which I had running before just to eliminate this as a potential cause of the issue. When running debugging, I do not get any error messages - the handshake completes successfully and the local authentication works fine as well.
ASA Version 9.1(1)
!
hostname ASA
domain-name ingo.local
enable password .. Rmarkdown rstudio. encrypted
xlate per-session deny tcp any4 any4
xlate per-session deny tcp any4 any6
[Code] ...
The setup of the ASA is straight forward, directly connected to the Internet with a 10.0.1.0 / 24 subnet on the inside and an address pool of 10.0.2.0 / 24 to assign to the VPN clients. Please note that due to ISP restrictions, I'm using port 44455 instead of 443. I had AnyConnect working with the SSL portal, but IKEv2 IPsec is giving me a headache. I have stripped down certificate authentication which I had running before just to eliminate this as a potential cause of the issue. When running debugging, I do not get any error messages - the handshake completes successfully and the local authentication works fine as well.
ASA Version 9.1(1)
!
hostname ASA
domain-name ingo.local
enable password .. Rmarkdown rstudio. encrypted
xlate per-session deny tcp any4 any4
xlate per-session deny tcp any4 any6
[Code] ...
See full list on cisco.com. The Remote Access VPN (Virtual Private Network) service allows authenticated users to securely access the UAA network from outside of campus, as if they were on campus, and encrypts the information sent to the network. The VPN service allows authorized users a way to connect into the campus netwo.
Remote Users Group: Connection Denied
![User User](/uploads/1/1/3/6/113630565/691229290.jpg)
User Not Authorized For Anyconnect Client Access Control
- Base Laptop: Each base laptop has the Cisco AnyConnect client and the USAF VPN Client loaded. Cisco AnyConnect is utilized by the ANG and will give you access to the base network, Outlook, base share drives, etc., as if you were in the office. This VPN is not available until Comm completes the required pre-configuration and account.
- The client endpoint does not have the correct user profile to initiate an IKEv2 connection. The AAA server that is being used does not authorize IKEv2 as the connection mechanism. The administrator is restricting access to this specific user. The IKEv2 protocol is not.