Solved

anyconnect on cisco asa  CSTP not enabled

Posted on 2014-03-08
4
1,994 Views
Last Modified: 2014-03-25
I am on a cisco asa 5505 v 903
I am trying to get the cisco anyconnect working however whenever I try to vpn in I get the following error message:

"CSTP not enabled"
I have never seen that error message before I am having an issue finding a solution in my reasearch

below is my config


webvpn
 enable LAN
 anyconnect image disk0:/anyconnect-win-3.1.05152-k9.pkg 1
 anyconnect enable
 tunnel-group-list enable
group-policy SSLClientPolicy internal
group-policy SSClientPolicy internal
group-policy SSClientPolicy attributes
 vpn-tunnel-protocol ssl-client ssl-clientless
username xxxx password xxxxxx encrypted privilege 15
username xxxx attributes
 service-type remote-access
tunnel-group SSLClientGroup type remote-access
tunnel-group SSLClientGroup general-attributes
 address-pool SSLClientPool
 default-group-policy SSLClientPolicy
0
Comment
Question by:mmercaldi
  • 2
  • 2
4 Comments
 
LVL 51

Expert Comment

by:Netman66
Comment Utility
This is a good resource to see how to set this up.

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/100918-asa8x-anyconnect-vpn-config.html

Not sure, but it appears you may have enabled it on the inside rather than outside.
0
 

Accepted Solution

by:
mmercaldi earned 0 total points
Comment Utility
found the issue
I mistyped my own policy
group-policy SSLClientPolicy internal
group-policy SSClientPolicy internal
group-policy SSClientPolicy attributes

I fogot the L when I made the attributes
0
 
LVL 51

Expert Comment

by:Netman66
Comment Utility
Good catch.  Read right over that too!
0
 

Author Closing Comment

by:mmercaldi
Comment Utility
it was my own mistake for mistyping the commands
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Like many others, when I created a Windows 2008 RRAS VPN server, I connected via PPTP, and still do, but there are problems that can arise from solely using PPTP.  One particular problem was that the CFO of the company used a Virgin Broadband Wirele…
This article assumes you have at least one Cisco ASA or PIX configured with working internet and a non-dynamic, public, address on the outside interface. If you need instructions on how to enable your device for internet, or basic configuration info…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

744 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

13 Experts available now in Live!

Get 1:1 Help Now