Cisco Support Community
Community Member

WebVPN session terminated: Client type not supported.

I'm getting this error (WebVPN session terminated: Client type not supported) when i try to connect with anyconnect, i belive all i need is configured. If someone can help it would be greatly appreciated, config below.  thank you.

ame-hq# sh run aaa-se
ame-hq# sh run aaa-server
aaa-server AME protocol ldap
aaa-server AME (inside) host
 ldap-base-dn DC=AMEDEQ,DC=local
 ldap-scope subtree
 ldap-naming-attribute sAMAccountName
 ldap-login-password *****
 ldap-login-dn CN=Support User,OU=Staff,DC=AMEDEQ,DC=local
 server-type microsoft
 ldap-attribute-map VPN-Access

ame-hq# sh run webvpn
 enable outside
 anyconnect image disk0:/anyconnect-win-2.5.2014-k9.pkg 1
 anyconnect enable
 tunnel-group-list enable

ame-hq# sh run group-policy
group-policy DfltGrpPolicy attributes
 vpn-tunnel-protocol ssl-client
  anyconnect ssl rekey time 30
  anyconnect ssl rekey method ssl
  anyconnect dpd-interval client 60
group-policy useraccess internal
group-policy useraccess attributes
 dns-server value
 vpn-tunnel-protocol ssl-client
 default-domain value ame
group-policy amesslvpnaccess internal
group-policy amesslvpnaccess attributes
 wins-server value
 dns-server value
 dhcp-network-scope none
 vpn-tunnel-protocol ssl-client
 default-domain value amedeq.local
 address-pools value ame_vpn_pool
group-policy HBS internal
group-policy HBS attributes
 vpn-filter value HBS-Filter
 vpn-tunnel-protocol ikev1

ame-hq# sh run tunnel-group
tunnel-group useraccess type remote-access
tunnel-group useraccess general-attributes
 address-pool ame_vpn_pool
 authentication-server-group AME
 default-group-policy useraccess
tunnel-group useraccess ipsec-attributes
 ikev1 pre-shared-key *****
tunnel-group amesslvpnaccess type remote-access
tunnel-group amesslvpnaccess general-attributes
 address-pool ame_vpn_pool
 authentication-server-group AME
 default-group-policy amesslvpnaccess
tunnel-group amesslvpnaccess webvpn-attributes
 group-alias amevpn enable

ame-hq# sh run ip local pool
ip local pool ame_vpn_pool mask

Cisco Employee

Hi, Could you please collect


Could you please collect following debugs:


debug webvpn 127

debug webvpn anyconnect 127

debug aaa common

debug dap trace


--Start anyconnect


After collecting the debugs , turn off the debug using "undebug all"





Community Member

i found the problem with LDAP

i found the problem with LDAP map will need to rework it. After it was removed anyconnect started working.

ldap attribute-map VPN-Access
  map-name  msNPAllowDialin Tunneling-Protocols
  map-value msNPAllowDialin msNPAllowDialin "FALSE=3 TRUE=52"

CreatePlease to create content