RA VPN error (service provider in your location is restricting access)

How can I bypass this? It's driving me nuts. I was able to get to by pass this and login to VPN on one of the machines but I can't on the other.

2016-09-19_11-59-47.jpg
Also, now I am unable to authenticate the password, it keeps bouncing me back to the below window. How was I able to do this last week if it's not working this week?

2016-09-19_12-11-14.jpg
CONFIG
webvpn gateway SSL_VPN_GATEWAY
 ip address ########### port 443  
 ssl encryption rc4-md5
 ssl trustpoint SSL_VPN_CERT
 inservice
 !
webvpn install svc flash:/webvpn/anyconnect-win-3.1.03103-k9.pkg sequence 1
 !
webvpn context SSL_CONTEXT
 ssl authenticate verify all
 !
 url rewrite
   unmatched-action redirect

 acl "SSL_ACL"
   permit ip 172.28.6.100 255.255.255.192 172.28.6.100 255.255.255.192
   permit ip 172.28.6.64 255.255.255.192 172.28.6.64 255.255.255.192 
!
 policy group SSL_POLICY
   acl "SSL_ACL"
   functions svc-enabled
   functions svc-required
   filter tunnel SSL_ACL
   svc address-pool "SSL_VPN_POOL" netmask 255.255.255.192
   svc rekey method new-tunnel
   svc split include 172.28.6.64 255.255.255.192
   svc dns-server primary 8.8.8.8
 default-group-policy SSL_POLICY
 aaa authentication list SSL_VPN_AAA
 gateway SSL_VPN_GATEWAY
 max-users 2
 inservice
!

Open in new window

LVL 3
Shark AttackNetwork adminAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
Jody LemoineConnect With a Mentor Network ArchitectCommented:
This happens whenever the AnyConnect client detects a captive portal. If there isn't one, AnyConnect can still detect one in error and produce this result. If this happens, there are a few things you can do.

  1. Login via your web browser, which will handle the initial connection and start AnyConnect with the necessary information to connect.
  2. Add http-redirect to your gateway configuration. AnyConnect expects to be able to reach its endpoint on 80/tcp and 443/tcp and if it can't, it detects a blockage. With http-redirect, all non-secure connection attempts are redirected to 443/tcp, satisfying AnyConnect's tests.
  3. If you have AnyConnect 4.x, you can disable the client's captive portal detection in the client preferences.
0
 
Pete LongTechnical ConsultantCommented:
The site are on has a proxy server, or you need to authenticate to the wireless infrastructure? AnyConnect uses https thats why you are seeing this error, you need to ask the proxy server provider to allow internet access for your machine on port TCP 443 (they will probably say no). Or authenticate to the wireless.
0
 
Pete LongConnect With a Mentor Technical ConsultantCommented:
As pointed out above
Disable Captive Portal
0
 
Shark AttackNetwork adminAuthor Commented:
sweet! i used to HTTP-redirect to 80 and it works.! thanks all!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.