How to enable Cisco AnyConnect VPN through Remote Desktop


Problem:

RDP not working over VPN? Getting this error message?

VPN Establishment capability from a Remote Desktop is disabled. A VPN Connection will not be established.

Solution:

By default, VPN establishment capability is disabled once you remote into a remote desktop session. To enable Cisco AnyConnect VPN through a remote desktop, you must first create an AnyConnect Client Profile.

The client profile is an XML file that gets pushed out to the client upon VPN establishment. This XML file can be created using a text editor or ASDM. I wouldn’t recommend using anything but ASDM to create this file, as you will see.

  1. To create this profile, launch ASDM > Remote Access VPN > Expand Network (Client) Access > AnyConnect Client Profile.
  2. Click Add to create a profile.
  3. Give the profile a name and select the VPN group policy it applies to.
  4. *IMPORTANT* Once you select OK, make sure you click APPLY so the XML gets created. This needs to be done before you can edit the profile.
  5. Next, edit the profile > Under Preferences (Part 1) > Windows VPN Establishment > Select “AllowRemoteUsers” > then hit OK.
  6. Make sure you click Apply once more and save your changes.
  7. Next, connect through Remote Desktop and try connecting to the VPN!
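
To confirm which profiles actually carry the setting from step 5, the generated XML can be inspected directly. The following Python check is an added example, not part of the original post: it reads a client profile and reports its `WindowsVPNEstablishment` value, treating a missing element as the default `LocalUsersOnly`. The sample profile is constructed for illustration, and the script name in the usage comment is hypothetical.

```python
import sys
import xml.etree.ElementTree as ET

# Constructed sample profile (not from the original post), trimmed to the
# element that step 5 sets in ASDM.
SAMPLE_PROFILE = b"""<?xml version="1.0" encoding="UTF-8"?>
<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/">
  <ClientInitialization>
    <WindowsVPNEstablishment>AllowRemoteUsers</WindowsVPNEstablishment>
  </ClientInitialization>
</AnyConnectProfile>
"""

DEFAULT = "LocalUsersOnly"  # client behaviour when the element is absent


def local_name(tag):
    """Strip the '{namespace}' prefix ElementTree puts on tag names."""
    return tag.rsplit("}", 1)[-1]


def vpn_establishment(profile_xml):
    """Return the WindowsVPNEstablishment value from profile XML (bytes)."""
    root = ET.fromstring(profile_xml)
    for node in root.iter():
        if local_name(node.tag) == "WindowsVPNEstablishment":
            value = (node.text or "").strip()
            return value or DEFAULT
    return DEFAULT


def allows_remote_vpn(profile_xml):
    """True if the profile lets an RDP-session user bring up the VPN."""
    return vpn_establishment(profile_xml) == "AllowRemoteUsers"


if __name__ == "__main__":
    # Usage: python check_profile.py profile1.xml [profile2.xml ...]
    if len(sys.argv) == 1:
        print("sample:", vpn_establishment(SAMPLE_PROFILE))
    for path in sys.argv[1:]:
        with open(path, "rb") as fh:
            data = fh.read()
        print(f"{path}: WindowsVPNEstablishment={vpn_establishment(data)}")
```

Running it over every profile attached to your group policies shows which ones permit VPN establishment from a remote session, so the setting stays limited to the groups that need it.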