Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Smart Card Problem with AnyConnect over RDP


For ASA 5545, v-8.6(1)2 and AnyConnect v-3.1.0165, I'm trying to start an AnyConnect client tunnel on a remote RDP (both ends Windows 7) machine and am having problems. The RDP is configured to proxy smart card devices which generally works fine. I'm using current SafeNet eToken with current client software. When I start AnyConnect from client machines (no RDP), the tunnel opens with no problem using the smart card. When I try to start the tunnel on the remote machine via RDP, I'm prompted for cert selection and smart card PIN, but get a popup from AnyConnect: 'VPN connection terminated, smart card removed from reader'. When I try to start the tunnel via RDP but use the ASA web server to start, the tunnel starts up fine with the smart card.


For the problem condition, the Windows event log on the remote RDP machine shows 3 entires (see below) wrt acvpnagent show smart card removal errors but the USB device is always inserted. Also, in investigating, I changed the client profile 'server list' config to SSL instead of IPSec. Same failure but the popup does not show.

VPN connection terminated, Smartcard removed from reader.

Description: VPNMGR_ERROR_SMARTCARD_REMOVED:A smartcard required for the connection has been removed

Thanks in advance for any assistance.


New Member

Smart Card Problem with AnyConnect over RDP

This can be resolved by going to services and disabling Smart card