Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cisco AnyConnect Client + Remote Desktop / Virtual Machine

Hi,

I'm running a virtual machine with Windows XP x86 on Windows 7 Virtual PC x64 and want to connect to our ASA 5505 VPN using AnyConnect 2.4.202.

I set up a new profile with WindowsVPNEstablishment set to AllowRemoteUsers but when trying to establish the VPN connection I get the following error:

VPN establishment capability from a remote desktop is disabled.  A VPN connection will not be established.

I found this posting, but the link posted to a possible solution does not work.

Also http://asapedia.cisco.com/index.php/Launch_anyconnect_within_RDP_session#Solution does not respond / timeout.

What may I do?

Alex

Everyone's tags (4)
1 REPLY
Bronze

Re: Cisco AnyConnect Client + Remote Desktop / Virtual Machine

You'll likely need to push the modified template from the ASA to the client to get it working properly. I set this up this morning and it worked wonderfully.

Since you've modified the AnyConnectProfile.tmpl with the necessary changes, upload that modified file to the ASA using the CLI or ASDM. A good place is just "disk0:/AnyConnectProfile.tmpl".

In the webvpn config mode, create a new profile using that file:

ciscoasa(config)# webvpn

ciscoasa(config-webvpn)# svc profiles MY-PROFILE disk0:/AnyConnectProfile.tmpl

Next, you'll need to associate this profile on either a per-group or per-user basis, or both:

ciscoasa(config)# username testuser attributes
ciscoasa(config-username-attributes)# webvpn
ciscoasa(config-username-webvpn)# svc profiles value MY-PROFILE
 
 *OR*

ciscoasa(config)# group-policy my-vpn-group attributes
ciscoasa(config-group-attributes)# webvpn
ciscoasa(config-group-webvpn)# svc profiles value MY-PROFILE

The next time you connect with the AnyConnect VPN client, the new profile should be downloaded and applied immediately. The changes you made to AllowRemoteUsers should allow you to connect via your RDP session without error.

Good luck!

James

32783
Views
0
Helpful
1
Replies
CreatePlease login to create content