AnyConnect – “Connection attempt has failed due to server communication errors’
Jan31

AnyConnect – “Connection attempt has failed due to server communication errors’

KB ID 0001279 Dtd 31/01/17 Problem We had a firewall fail at work this week, as part of the rebuild the latest OS was put on it, version 9.7(1). I thought no more about it until I tried to VPN in and got this; I used my Windows 10 VM and that connected fine, only my MacBook could not connect, this VPN tunnel is a big deal I need it to get onto client's networks. I tried my other VPN connections and every one was fine, only the...

Read More
Cisco AnyConnect – Allow Domain Password Change via LDAP
Jan14

Cisco AnyConnect – Allow Domain Password Change via LDAP

KB ID 0001273 Dtd 14/01/17 Problem   If you have remote users who connect via VPN, and a policy that forces them to change their password periodically, this can result in them getting locked out without the ability to change their password (externally). If your Cisco ASA is using LDAP to authenticate your users, then you can use your remote AnyConnect VPN solution to let them reset their passwords remotely. Solution Standard LDAP runs...

Read More
Cisco AnyConnect – With Google Authenticator 2 Factor Authentication
Nov10

Cisco AnyConnect – With Google Authenticator 2 Factor Authentication

KB ID 0001256 Dtd 09/11/16 Problem This was asked as a question on Experts Exchange this week, and it got my interest. A quick search turned up a bunch of posts that said, yes this is possible, and you deploy it with FreeRADIUS and it works great. The problem was, a lot of the information is a little out of date, and some of it is 'wrong enough' to make the non-technical types give up. But I persevered, and got it to work. Disclaimer:...

Read More
Cisco VPN – Split Tunnel Not Working?
Sep19

Cisco VPN – Split Tunnel Not Working?

KB ID 0001239 Dtd 19/09/16ProblemHere I'm dealing with AnyConnect VPNs, but the principles are exactly the same for both remote IPSEC and L2TP VPNs. You connect to your VPN and can no longer browse the internet from your remote location. You can confirm that split-tunnelling is working or not by connecting with your VPN client and looking at the routing information.SolutionBefore proceeding are you sure Split-Tunnelling has ever been...

Read More
AnyConnect – The VPN Connection Failed (Domain Name Resolution)
Sep15

AnyConnect – The VPN Connection Failed (Domain Name Resolution)

KB ID 0001236 Dtd 15/09/16 Problem This is a pretty generic error to be honest. AnyConnect Secure Mobility Client VPN The VPN connection failed due to unsuccessful domain name resolution. ¬† Solution Firstly, (and obviously) the name you are typing in the AnyConnect window can be resolved can’t it? If not then you might want to consider some employment that does not involve computers. Secondly (this is what usually trips me up)...

Read More
AnyConnect – ‘Your environment does not meet the criteria’
Aug25

AnyConnect – ‘Your environment does not meet the criteria’

KB ID 0001232 Dtd 25/08/16 Problem For an existing client, I was setting¬†up a new user. I connected their laptop though my mobile phone and attempted to connect. This is the error I got. Cisco AnyConnect Logon denied: Your environment does not meet the access criteria defined by your administrator. ¬† Solution A cursory glance over the firewall config didn’t yield anything in their AAA settings that was odd, they were simply...

Read More