KB ID 0001699
I was assisting a colleague to setup some AnyConnect for a client this afternoon, when all of a sudden I was met with this;
Logon denied, unauthorised connection mechanism, contact your administrator
The reason why this is happening is because the GROUP POLICY your AnyConnect PROFILE is using does not have SSL enabled. (This makes no sense as it was working with LOCAL authentication, but this is how I fixed it).
You will be either using a specific group policy or the DfltGrpPolicy
IF USING THE DEFAULT GROUP POLICY Petes-ASA(config)# group-policy DfltGrpPolicy attributes Petes-ASA(config-group-policy)# vpn-tunnel-protocol ssl-client ssl-clientless IF USING A SPECIFIC GROUP POLICY (Remember to include any, that already exist! e.g. l2tp-ipsec) Petes-ASA(config)# group-policy PNL-GP-ANYCONNECT-ACCESS attributes Petes-ASA(config-group-policy)# vpn-tunnel-protocol ssl-client ssl-clientless l2tp-ipsec
Or, if you really HAVE TO use the ASDM.
Configuration > RemoteAccess VPN > Network (Client) Access > Group Policies > Select the Group Policy you are using > Edit.
General > More Options > Tick the SSL Options > OK > Apply.
Don’t forget to save your changes! Then try connecting again.
Related Articles, References, Credits, or External Links