Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

AnyConnect VPN connection with RDP

JR-Q
Here to help
‎Jul 17 2023 10:16 AM
‎Jul 17 2023 10:16 AM

AnyConnect VPN connection with RDP

Hey everyone - I'm having an issue with getting a VPN connection from a workstation that I'm connected to via RDP.

 

I've done some reading, and my understanding was that the profile needed to have "Allow Remote Users" included in the configuration, but even after making that change, I get the same error saying "VPN establishment capability for a remote user is disabled".  

 

My xml profile is below - I modified this directly in the VPN profile editor.

 

Is there something that needs to be setup on the MX side to make this work?

 

Screenshot 2023-07-17 131307.png

 

Thanks for the help!

Labels:
Subscribe
4 Replies 4
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jul 17 2023 12:13 PM
‎Jul 17 2023 12:13 PM

Does the site you are connecting to push a profile?  If so, editing a local profile won't make a difference.  You would need the VPN head-end profile to be updated to allow the VPN connection from an RDP session.

 

From my recollection, the setting you reference is the one that needs to be changed.

0 Kudos
Subscribe
In response to PhilipDAth
JR-Q
Here to help
‎Jul 17 2023 12:24 PM
‎Jul 17 2023 12:24 PM

I'm attempting to connect to an MX84, and the profile update feature is currently disabled, so that isn't the issue.

 

Thanks!

Subscribe
In response to JR-Q
Randrage
Conversationalist
‎Aug 23 2023 7:50 PM
‎Aug 23 2023 7:50 PM

Did you ever figure this out? I'm having the same problem.

0 Kudos
Subscribe
In response to Randrage
JR-Q
Here to help
‎Aug 23 2023 8:18 PM
‎Aug 23 2023 8:18 PM

I ended up opening a TAC case with Cisco - sent them a DART package, and they were able to determine that everything was configured correctly, but a profile was being pushed from the MX (even though the "push profile" option was disabled).    So I loaded the correct profile to the MX and enabled it to push, and its been working fine since then.

Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.