Vpn Establishment Capability From A Remote Desktop Is Disabled

Posted on by

I ran into a problem recently while I was using remote desktop on one of my servers hosted up on Azure. While I was on that server, I needed to make a VPN connection back to our corporate network. Unfortunately, after I installed the Cisco AnyConnect client, and I tried to make the connection, I was greeted with the following error:

  1. Still, VPN connections traverse external networks, and the encrypted VPN does not enhance the availability of remote connections. Also, VPNs with encrypted tunnels can affect the organizational capability to adequately monitor network communications traffic for malicious code.
  2. 'VPN establishment capability from a remote desktop is disabled. A VPN connection wil not be established' I have looked in the ELS-IMelAde-TCP.XML connection profile and the settings seem to allow it according to the Cisco VPN XML Reference ( Table A-19 ) SingleLocalLogon.
  3. I am using Anyconnect (ver. VPN is working from desktop, but doesn't work through RDP connection. In the XML file the following settings about remote session was changed to: SingleLocalLogon AllowRemoteUsers but anyconnect doesn't work.
  4. VPN Establishment capability from a Remote Desktop is disabled To get this to work you'll probably want the latest Any Connect client, and you'll need to modify the Any Connect Profile.tmpl file. The file can be found on your machine (once the client is installed).
Vpn Establishment Capability From A Remote Desktop Is DisabledVpn establishment capability from a remote desktop is disabled. a vpn connection

VPN Establishment capability from a Remote Desktop is disabled To get this to work you'll probably want the latest Any Connect client, and you'll need to modify the Any Connect Profile.tmpl file. The file can be found on your machine (once the client is installed).

VPN Establishment capability from a Remote Desktop is disabled. A VPN Connection will not be established.

I did a lot of research, and found out that in order to allow this, you need to first setup a Client Profile on the Cisco ASA. Here are the steps I went thru to get this completed.

Vpn Establishment Capability From A Remote Desktop Is Disabled

  1. Launch the Cisco ASDM
  2. Click on Configuration.
  3. Expand “Network (Client) Access”
  4. Click on “AnyConnect Client Profile”
  5. Since, I did not have any existing profiles, I clicked the Add button.
  6. Pick a name for the Profile.
  7. Select the Group Policy that this profile will apply to, and click OK
  8. Before editing the profile, click on the Apply button to generate the XML file.
  9. Under “Preferences (Part 1)” go to “Windows VPN Establishment” and select AllowRemoteUsers from the drop down, and then click OK.
  10. Click on the Apply button to update the XML file.
  11. You should now be able to test connecting to your network from within a Remote Desktop session.
  12. Assuming everything works as expected, I recommend hitting the Save button to write your configuration to memory.