Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

AnyConnect VPN on Cisco IOS router problem

Hi all,

I am using a Cisco 871 IOS router with IOS software release 12.4(20)T (Adv.Security) and the following configuration for SSL VPN access.

aaa new-model


aaa authentication login VPNCLIENT local

aaa authorization network VPNGROUP local

crypto pki trustpoint TP-self-signed-1188774920

enrollment selfsigned

subject-name cn=IOS-Self-Signed-Certificate-1188774920

revocation-check none

rsakeypair TP-self-signed-1188774920


username remote privilege 0 secret xxx



interface FastEthernet4

ip address


interface Loopback10

ip address


ip local pool VPN-1


webvpn gateway webvpngw-1

ip address port 443

ssl trustpoint TP-self-signed-1188774920

logging enable



webvpn install svc flash:/webvpn/svc_1.pkg sequence 1


webvpn context webvpncontext-1

ssl authenticate verify all


policy group webvpngroup-1

functions svc-enabled

timeout idle 3600

svc address-pool "VPN-1"

svc default-domain "home.loc"

svc keep-client-installed

svc dpd-interval gateway 30

svc rekey method new-tunnel

svc split include

svc split include

svc dns-server primary

default-group-policy webvpngroup-1

aaa authentication list VPNCLIENT

aaa authorization list VPNGROUP

gateway webvpngw-1

max-users 10

user-profile location flash:webvpn/webvpncontext-1/

logging enable



On the client side im using AnyConnect VPN Client version

When I connect to the specified IP address ( I've been asked for username and password. After successfull username/password

verfification I got the error message:

"An error was received from the secure gateway in response to the VPN negotiation request. Please contact your network administrator."

For troubleshooting I turned on the following debug commands.

debug webvpn tunnel

debug webvpn verbose

debug webvpn aaa

debug webvpn cookie

debug webvpn package

debug webvpn entry webvpncontext-1

You can find the output in the attachement

When the connection is closed - the debug shows the following message:

008305: Jul 18 11:35:21.940 CEST: %SSLVPN-5-SSL_TLS_ERROR: vw_ctx: webvpncontext-1 vw_gw: webvpngw-1 i_vrf: 0 f_vrf: 0 status: SSL/TLS connection

error with remote at

If you have any idea, pleas let me know!

Many thanks!!!

Best regards



Re: AnyConnect VPN on Cisco IOS router problem

1. Uninstalled and re-installed the webvpn package and the anyconnect package.

2. Assign the different pool for both ipsec and anyconnect clients.