[2 days left] What’s wrong with your cloud strategy? Learn why multicloud solutions matter with Nimble Storage.Register Now

x
?
Solved

RA VPN error (service provider in your location is restricting access)

Posted on 2016-09-19
4
Medium Priority
?
1,187 Views
Last Modified: 2016-09-20
How can I bypass this? It's driving me nuts. I was able to get to by pass this and login to VPN on one of the machines but I can't on the other.

2016-09-19_11-59-47.jpg
Also, now I am unable to authenticate the password, it keeps bouncing me back to the below window. How was I able to do this last week if it's not working this week?

2016-09-19_12-11-14.jpg
CONFIG
webvpn gateway SSL_VPN_GATEWAY
 ip address ########### port 443  
 ssl encryption rc4-md5
 ssl trustpoint SSL_VPN_CERT
 inservice
 !
webvpn install svc flash:/webvpn/anyconnect-win-3.1.03103-k9.pkg sequence 1
 !
webvpn context SSL_CONTEXT
 ssl authenticate verify all
 !
 url rewrite
   unmatched-action redirect

 acl "SSL_ACL"
   permit ip 172.28.6.100 255.255.255.192 172.28.6.100 255.255.255.192
   permit ip 172.28.6.64 255.255.255.192 172.28.6.64 255.255.255.192 
!
 policy group SSL_POLICY
   acl "SSL_ACL"
   functions svc-enabled
   functions svc-required
   filter tunnel SSL_ACL
   svc address-pool "SSL_VPN_POOL" netmask 255.255.255.192
   svc rekey method new-tunnel
   svc split include 172.28.6.64 255.255.255.192
   svc dns-server primary 8.8.8.8
 default-group-policy SSL_POLICY
 aaa authentication list SSL_VPN_AAA
 gateway SSL_VPN_GATEWAY
 max-users 2
 inservice
!

Open in new window

0
Comment
Question by:Shark Attack
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
  • 2
4 Comments
 
LVL 57

Expert Comment

by:Pete Long
ID: 41806026
The site are on has a proxy server, or you need to authenticate to the wireless infrastructure? AnyConnect uses https thats why you are seeing this error, you need to ask the proxy server provider to allow internet access for your machine on port TCP 443 (they will probably say no). Or authenticate to the wireless.
0
 
LVL 22

Accepted Solution

by:
Jody Lemoine earned 1000 total points
ID: 41806465
This happens whenever the AnyConnect client detects a captive portal. If there isn't one, AnyConnect can still detect one in error and produce this result. If this happens, there are a few things you can do.

  1. Login via your web browser, which will handle the initial connection and start AnyConnect with the necessary information to connect.
  2. Add http-redirect to your gateway configuration. AnyConnect expects to be able to reach its endpoint on 80/tcp and 443/tcp and if it can't, it detects a blockage. With http-redirect, all non-secure connection attempts are redirected to 443/tcp, satisfying AnyConnect's tests.
  3. If you have AnyConnect 4.x, you can disable the client's captive portal detection in the client preferences.
0
 
LVL 57

Assisted Solution

by:Pete Long
Pete Long earned 1000 total points
ID: 41806627
As pointed out above
Disable Captive Portal
0
 
LVL 3

Author Comment

by:Shark Attack
ID: 41806660
sweet! i used to HTTP-redirect to 80 and it works.! thanks all!
0

Featured Post

Will your db performance match your db growth?

In Percona’s white paper “Performance at Scale: Keeping Your Database on Its Toes,” we take a high-level approach to what you need to think about when planning for database scalability.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

In this article, WatchGuard's Director of Security Strategy and Research Teri Radichel, takes a look at insider threats, the risk they can pose to your organization, and the best ways to defend against them.
What monsters are hiding in your child's room? In this article I will share with you a tech horror story that could happen to anyone, along with some tips on how you can prevent it from happening to you.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…
Suggested Courses

656 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question