# Cisco VPN user unable to connect



## handle (Dec 22, 2010)

Hello everyone,

This is my first post here so bear with me.

I have a Cisco ASA 5500 firewall and all of my users except one can connect to our network remotely via IPsec VPN connection except for one.

I have reset his password and have tried to connect via my computer using his login credentials from my VPN client and have had no luck. Also as of now if I create a new user the credentials are not working either.

I am brand new to dealing with Cisco firewalls so any help on this matter would be a big help.

If you need more info let me know.

Thanks,

Handle


----------



## Rivendale (Sep 17, 2010)

Hello handle, first post? Really?

More info would be good. Is there any sort of error text to go on? Does your account work on both systems?

Riv


----------



## handle (Dec 22, 2010)

Hey Rivendale,

Yep this is my first post here lol.

Unfortunately there really isnt much to go on. My credentials work fine on both systems, but the user in particular when i try to use his the darn VPN client fails to connect and then after a few bad attempts I get the following error.

Secure VPN Connection terminated locally by the Client.
Reason 413: User authentication failed.

Thanks for looking into this. It is getting a little frustrating.

Handle


----------



## Rivendale (Sep 17, 2010)

Hello, well, in that case Welcome to TSF!

It's been a while since i setup VPN.

Are you using SSL certificates generated by the Cisco ASA 5500?

I remember one time when i had problems with the cert, no new user accounts would connect, and i had to create a new cert and install it on all clients.

I still don't know why.

Riv


----------



## handle (Dec 22, 2010)

Thanks for the nice welcome!

It doesnt look like the old netword admin set up any SSL certs for the client. I have been through the config and could not find anything.

Handle


----------



## Rivendale (Sep 17, 2010)

Hello 

He could have used a pre-shared key. That should be ok, but goodness knows sometimes what goes on. 

Anyway...

Just wondering are the clients all accessing via web browser or is the connection software installed on clients?

Also, are the users authenticated to the local database, or is there a windows domain controller or other kind of server being used to authenticate?

Riv


----------



## handle (Dec 22, 2010)

We are using a VPN client v. 5.0.01.0600.

There is a windows DC on the network, but my gut is telling me that they are authenticating to the local database. Like I said I am pretty new to Cisco hardware so that is my best educated guess.

Handle


----------



## Rivendale (Sep 17, 2010)

Hello,

Would be interesting to adding a user and pass to the DC and see if VPN will authenticate it.

Happy Holidays!

Riv


----------

