Windows: Group Policy is Preventing Login (Switch User)
The complete message is: "Group policy is preventing login in because multiple users are logged into this machine." This occurs on Windows computers when you use the "Switch User" function to login an additional user while keeping the original user logged in (so as not to have to close the first user's programs and documents). Unfortunately, this just doesn't work for the Cisco client. Before attempting to connect to the VPN, you must log all of the other users out. You must be the only user logged into the computer when you establish a VPN connection.
Windows: Interprocess Communication Depot Error (Internet Connection Sharing)
The error message is: "The vpn client agent was unable to create the interprocess communication depot." This error is caused by having Internet Connection Sharing (ICS) enabled. See Turn Off Internet Connection Sharing for instructions on how to disable Internet Connection Sharing, should you encounter this problem.
Windows: VPN Client Driver Error
The initial error message is: "The VPN client driver has encountered an error," followed by another dialog that says "AnyConnect was not able to establish connection to the specified secure gateway. Please try connecting again." We aren't yet sure what causes this problem. However, it appears that it may be resolved, at least in some cases, by uninstalling and re-installing the SSL VPN client. Use the Add/Remove Programs control panel to remove the Cisco AnyConnect client, just as you would any other program (do not just delete the desktop icon). It may be advisable to reboot. Then direct your web browser to http://vpn.lehigh.edu and download a fresh copy of the client.
Windows: Third-Party Firewalls
We have not yet found any situation in which the built-in software firewall that is provided by the operating system interferes with setting up a VPN connection. However, we have encountered some situations where a third-party security product that includes network protection, such as McAfee Internet Security, may prevent a VPN connection from being established. (The error message in such a case may be the generic "Driver Error" message described above.) Theoretically, there should be either configuration settings to permit the connection, or a way to temporarily disable the network function of the security product, but as each product is different (including different versions from the same vendor), we cannot provide details (consult the vendor's website for your particular product). In one case, it was necessary to remove (uninstall) the security product in order to get the VPN to work.
Cisco's Troubleshooting Guide
If you don't find the answer you're looking for here, you might also try the Cisco AnyConnect VPN Client Troubleshooting Guide ... Of course, for many people, this guide is way too technical; that's ok. Contact the Help Desk at 610-758-4357, and tell us what's going on.
Connecting to VPN "Library Resources" group using the AnyConnect Mobile app
If you're trying to use a smartphone to connect to library databases, journal articles, or access your Lehigh subscription to The New York Times or The Wall Street Journal, you'll need to have the Cisco AnyConnect client installed. This free app is called "Cisco AnyConnect" on the iOS App Store, and on the Google Play App store it's just called "AnyConnect" from publisher Cisco Systems. After installing the app, start it up, tap on Connections, and tap on Add VPN Connection... Enter "Lehigh" as the description and 'vpn.lehigh.edu' as the server address, then tap on Save in the upper right. If an iOS or Android prompt appears, asking if you'd like to allow VPN Configurations to be added, tap on Allow.
Now that the Lehigh connection is present, on the AnyConnect home screen you can:
- Tap on the activation toggle for the VPN connection
- You'll be presented with the login screen. Instead of logging in immediately, look for the Back option in the upper left and tap on it.
- You'll see the Group menu, tap on it and the Select Group menu will appear with two options: "GeneralAccess" and "LibraryResources." Tap on LibraryResources and a check mark will appear next to that option, confirming your choice. Now tap on the Authentication button in the upper left and you'll be taken back to the login window.
- Enter your Lehigh username and password. The system will prompt you for your Duo second factor. Pick whichever method you prefer. After Duo authentication you'll be taken to the AnyConnect home screen with the connection toggle in green, and a small VPN icon at the top left of your screen.
- You can now switch to your web browser or other app requiring VPN access. As long as you see the VPN icon in the status bar at the top of the screen, you know you're connected to the Lehigh VPN. When you want to disconnect, just switch back to the AnyConnect app and tap on the activation toggle again. It will become greyed out and the VPN icon at the top of the screen will disappear. You're done!