If you're the ASA administrator read this article for instructions how to configure this.īut what if you're not the ASA administrator or the admin can't/won't to make this change for some reason? We can hack it! I don't normally write blog posts like this, but I honestly can't think of a single good reason to block VPN access from a remote desktop, so I don't consider this bypassing a security setting.
Usually this is done by the ASA administrator using the Cisco Adaptive Security Device Manager (ASDM). The correct way to fix this is by configuring the Citrix VPN profile on the ASA. The client profile is an XML file that gets pushed out to the An圜onnect client every time the VPN is established.
A VPN connection will not be established. VPN establishment capability for a remote user is disabled. If you get the following error when connecting to a Cisco An圜onnect VPN from Windows, it's because the VPN establishment capability in the client profile doesn't allow connections from a remote desktop session.
