02-01-2012 05:26 AM - edited 02-21-2020 05:50 PM
Hi Folks,
The Specs,
Win 7
ASA 5505
AnyConnect-win-3.0.3054-k9.pkg
Attempting Web Deployment
I'm working with the ASA and a directly connected laptop running Win 7 and I'm trying to configure the AnyConnect client to download and install. I have used these before, just never with webVPN. I'm using local authentication on the ASA. When I point IE9 to the ASA I get the login prompt and the option to select from which group. Here's where the problem starts....
When I go to the VPN webpage and login with a known good username and password nothing happens. It just brings me right back to the login screen. No errors appear. When I run "show vpn-sessiondb" on the ASA it does show that there is a session. ( I have the default 2 max connections). But I never get the ActiveX to start the d/l. of the client. Every seond time I attempt this I have to go into the asa and disconnect the 2 sessions.
My users have full 15 permissions and I have gone through the connection wizard a few times. I have also worked through the Cisco Guide located here --> http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect30/administration/guide/ac02asaconfig.html
Any thoughts ?
Thanks
John
02-01-2012 08:12 AM
So as it turns out, This setup work ok on Win XP. I tested this with another XP laptop. I was able to connect and d/l the client through ActiveX.
Now my issue is that when I run the wizard and un-check the SSL protocol, leaving only IPSEC I get an error saying
"The secure gateway has rejected the connection attempt. A new connection attempt to the same or another secure gateway is needed, which requires re-authentication. The following message was received from the secure gateway: CSTP is not enabled".
I have googled CSTP and cannot find anything on this? Anyone guide me in the right direction?
Thanks
05-17-2012 09:01 AM
I am having the exact same issue. Did you ever find any additional information regarding this problem?
09-27-2013 02:33 AM
I resolved it now for us.
In the Server list entry in the ANY connect client profile the Host Address was filled in with an IP number.
I changed that to the FQDN and as of that moment the connection succeeds.
09-27-2013 01:55 AM
I have the same problem. I can't find any inormation about this error. The only thing I found is that CSTP is a proprietary Cisco protocol. But ther isn't any solution mentioned. I'm searching for it more than a week now.
Does anybody have a solution, please !!!
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: