Help .... Anyconnect on xp with sbl enabled

mjvansabben · ‎04-04-2014

Hi,

Summary

- ASA5510

- Clients xpsp3 with anyconnect 3.0

- enabled 'start before logon'

When i hit ctrl-alt-del the anyconnect screen appears. When i hit connect it says connection failed. There is no login where i can put the configured user on the asa on.

I click cancel the windows login appears. I login and then at the desktop the anyconnect pops up with a screen to login to the asa vpn. i enter my credentials and the vpn connection is established.

Question: Why dont i get a cisco login before logging in to the computer ??

jmeggers · ‎04-04-2014

Probably not much we can do with out more information, but here's something to start with:

From: http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/107598-sbl.html#svg

Troubleshoot SBL

Use this procedure if you encounter a problem with SBL:

Ensure that the profile is pushed.

Delete prior profiles; search for them on the hard drive to find the location: *.xml.

When you go to the Add/Remove programs, do you have both an AnyConnect installation and AnyConnect VPNGINA installation?

Uninstall the AnyConnect client.

Clear the AnyConnect log of the user in the Event Viewer and retest.

Web browse back to the security appliance to reinstall the client.

Make sure that the profile also appears.

Reboot once. On the next reboot, you are prompted with the Start Before Logon prompt.

Send the AnyConnect event log to Cisco in .evt format .

If you see this error, delete the user profile and use the default profile:

Description: Unable to parse the profile
C:\Documents and Settings\All Users\Application Data\Cisco\Cisco AnyConnect VPN Client\Profile\ VABaseProfile.xml.
Host data not available.

swapsakker · ‎04-07-2014

Are you trying to connect right a way, when you can? Had the same problem and found out, that i just had to wait 5-10 sec. bare fore i pressed connect, to be sure the connection was established.