We have basic ASA scenario setup in a production environment configured for SSL anyconnect and security plus license. The authentication is using Radius server on a Windows 2012 and group membership in AD group to grant access. However, when I try to connect either using the webvpn link or the installed anyconnect client I am getting Login Failed error message, but apparently the authentication was successful (see debug below).
The running config of the vpn is
ASA Version 9.1(3) ! ip local pool pool1 10.150.30.1-10.150.30.250 mask 255.255.255.0
nat (inside,outside) source static any any destination static NETWORK_OBJ_10.150.30.0_24 NETWORK_OBJ_10.150.30.0_24 no-proxy-arp route-lookup
aaa-server SAD protocol radius aaa-server SAD (inside) host 192.168.10.15 key *****
http server enable crypto ca certificate chain comodo.trustpoint ssl trust-point comodo.trustpoint outside
webvpn enable outside no anyconnect-essentials anyconnect image disk0:/anyconnect/anyconnect-win-3.1.04072-k9.pkg 1 anyconnect enable tunnel-group-list enable group-policy DfltGrpPolicy attributes dns-server value 192.168.10.8 vpn-filter value vpn-tunnel-protocol ikev1 l2tp-ipsec ssl-client ssl-clientless
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :