Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

AnyConnect config that actualy...I dunno...WORKS????

This has been driving me nuts for the past couple weeks. I cannot, for the life of me, find a configuration guide for AnyConnect that actually works.

The wizard in the ASDM doesn't work. A lab that I got from Cisco training today didn't work. The guides from Cisco's site are very limited unless you want to try and config it through CLI and slit your wrists at the same time.

Crazy stuff! I know it works, I've seen some sweet pics of the client loaded up with, the tunnel active, etc.

I'm not trying to do anything special, just configure a VPN using AnyConnect. Every time I try, and I've tried from 3 different computers, I get an error that says:

An error was received from the secure gateway in response to the VPN negotiation request.

The logs show on the ASA show an error that states:

No address available for SVC connection

That's cool but I have a dhcp pool configured and assigned to the group policies.

What gives? (and yes... I'm frustrated.)

4 REPLIES
Silver

Re: AnyConnect config that actualy...I dunno...WORKS????

As new features are released for the AnyConnect client, you must update the AnyConnect clients of your remote users for them to use the new features. To minimize download time, the AnyConnect client requests downloads (from the security appliance) only of modules that it needs for each feature that it supports. To enable new features, you must specify the new module names using the svc modules command from group policy webvpn or username webvpn configuration mode:

http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect20/administrative/guide/admin6.html

Silver

Re: AnyConnect config that actualy...I dunno...WORKS????

Don't put in DHCP pool,

Configured IP address as a LOCAL POOL (USE INTERNAL ADDRESS POOL) and check.

Regards,

Dharmesh Purohit

Community Member

Re: AnyConnect config that actualy...I dunno...WORKS????

Thanks for the replies. I actually had the config right but there's a bug in the 8.0(2) code that was preventing me from connecting. Apparently the bug affects ASA's with ONLY 2 webvpn licenses. If you have more, you're fine.

The bug ID is:

cscsj02842

Community Member

Re: AnyConnect config that actualy...I dunno...WORKS????

Add a address pool under

tunnel-group DefaultWEBVPNGroup general-attributes

For some reason the ASA wants to use that tunnel group and will not assign an address to any other group.

1311
Views
0
Helpful
4
Replies
CreatePlease to create content