Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

unauthorized connection mechanism

Hi,

I have a Cisco 5520 cluster and Cisco Anyconnect Secure Mobility Client 3.0.5080. I eventually want to connact by means of a Smard Card and I was able to connect a view weeks ago. Now I am hastled by the error Logon denied, unauthorized connection mechanism, contact your administrator.
Well that's me and a do not know anymore where to look on the Asa. I thought it had something to do with the authentication method, but AAA (AD or Local), nor cetificates is now working.

Cisco's solution...:

Error: "Login Denied , unauthorized connection mechanism , contact your administrator"

AnyConnect clients are failing to connect to a Cisco ASA. The error in the AnyConnect window is "Login Denied , unauthorized connection mechanism , contact your administrator".

Solution

This error message occurs mostly because of configuration issues that  are improper or an incomplete configuration. Check the configuration  and make sure it is as required to resolve the issue.

Does not help quite. Please help.

Thanks

Frank

6 REPLIES
New Member

unauthorized connection mechanism

Found the cause. There was a certificate mapping pointing to a Clientless SSL VPN connection profile. That, ofcourse, does not match with the SSL VPN mechanism used with Anyconnect.

New Member

I just had this frustration

I just had this frustration and it was due to no attributes on the local user account, simply remove the attributes option for the username. 

conf t

no username <username> attributes

New Member

unauthorized connection mechanism

You get this error if VPN tunnel protocol not specified correctly, on ASA 8.4:

# vpn-tunnel-protocol ?

group-policy mode commands/options:
ikev1           IKE version 1
ikev2           IKE version 2
l2tp-ipsec      L2TP using IPSec for security
ssl-client      SSL VPN Client
ssl-clientless  SSL Clientless VPN

New Member

unauthorized connection mechanism

Whenever I see this error, it usually fixes itself after about 2 hours. Is there a quicker way to fix this? The Cisco "solution" below makes no sense. The 2nd sentence doesn't even sound like it's written in English.

Solution

This error message occurs mostly because of configuration issues that are improper or an incomplete configuration. Check the configuration and make sure it is as required to resolve the issue

New Member

unauthorized connection mechanism

I had the same problem today after setting up a Dynamic Access Policy for AnyConnect VPN users.  From the ASDM I added the Access Method of "Both-Default-Web-Portal" to my Dynamic Access Policy (DAP) and was able to connect again from the AnyConnect client. 

The commands that were changed were the following:

dynamic-access-policy-record RemoteAccessUsers

webvpn

svc ask enable default webvpn

New Member

I had this problem too.  I

I had this problem too.  I had made some changes on the previous day, I somehow deleted the group-policy from the tunnel-group.  Once I applied the group policy it started working again.  

30629
Views
5
Helpful
6
Replies
CreatePlease to create content