When one of our user tries to connect to a business client's (BC) VPN using Cisco AnyConnect VPN Client Version 2.3.2016 the user receives the following error:
"Login Denied. Your environment does not meet the access criteria defined by your administrator."
After first initial install of Cisco AnyConnect (CAC) the user was able to access the VPN. The user states nothing was done differently that would of caused the error. I've contacted the BC's network admin and the admin states it is something to do with the PC, not the VPN.
I have completely uninstalled the client, to include removing registry entries and reinstalling the application with no change. The only way I have been successful in connecting to the BC's VPN whenever running the application as an administrator I am able to log into the VPN, which leads me to believe it's either a Window's profile issue or a permissions issue. To rule out the permissions issue I provided full control over the Cisco directory, however the issue still was not resolved.
Short of creating a new profile for the user, I'm all out of ideas. Does anyone know what causes this error or what the possible fix might be? I've scoured the web in search of a resolution, however there is only really one thread that describes this issue and the resolution lies with the administrator of the ASA.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...