VPN Establishment Capability for Remote User is Disabled [Fix]

  • The VPN establishment capability for a remote user is disabled is caused by problems with Cisco.
  • If you are using earlier versions of the program, Cisco will connect and disconnect instead of giving you an error.
  • Fix this network connection issue by configuring your Cisco Adaptive Security Device Manager.
  • To access the VPN settings if you are unable to, you should use a third-party remote access tool.

If you try to create a VPN connection using Cisco VPN, you might get the VPN establishment for a remote desktop is the disabled error message on your screen.

Depending on your version of Cisco AnyConnect, you might also get the error that states Cisco Anyconnect VPN establishment capability for a remote user is disabled. A VPN connection will not be established which has the same cause and can be solved by following the same steps.

However, you can quickly and easily fix it by following our set of instructions below. The solution is pretty straightforward.

We offer in-depth guidelines both for native remote desktop configuration, but you can also check our top recommendation for the best remote desktop third-party app.

Those who use early versions of AnyConnect 4 might not see this error, the issue appears more often for Cisco AnyConnect 3.1 patch and Windows 7 or XP users.

For the latest versions (above 4), Cisco connects and then immediately disconnects, which should be a sign that something’s wrong.

Plus, if you have debugging mode activated, you might receive the Profile settings do not allow VPN initiation from a remote desktop message.

That’s why it’s important to update the Cisco AnyConnect Secure Mobility Client to the latest version before proceeding with the following steps.

Does VPN work with remote desktop?

Yes. If you configure your remote desktop via a VPN server, you should be able to use it with no problems. In case your Cisco Anyconnect VPN is not working, try repairing your installation files or fixing your registry.

With a VPN you can easily access files on Windows 10 with ease and increased security. The VPN network encrypts your data, so the risk of leaking or losing private information is very low.

The configuration is simple. You just have to use the same VPN IP address on your remote desktop network to access it using a dedicated or native app.

How to enable VPN establishment capability from a remote desktop?

  1. Connect to the ASDM (Cisco Adaptive Security Device Manager).
  2. Go to Configuration > Remote Access VPN > Network Client remote Access > AnyConnect Client Profile.
  3. Set a Profile Name and pick a Group Policy to apply it to.
  4. Click OK.
  5. Set Windows Logon Enforcement to SingleLocalLogon.
  6. Set Windows VPN Establishment to LocalUsersOnly*.
    • You can also use AllowRemoteUsers if the solution doesn’t work for LocalUsersOnly.
  7. Save the profile as an XML.
  8. Connect to the firewall’s ASDM.
  9. Go to Tools > File Management > File Transfer > Between Local PC and Flash.
  10. Select and upload the XML you previously created.
  11. Once the file is uploaded, click Close.
  12. Go to Configuration > Remote Access VPN > Network (Client) Access > Group Policies.
  13. Select your Group Policy for your AnyConnect clients.
  14. Head over to Edit > Advanced > SSL VPN Client.
  15. Find the Client Profile to Download section and uncheck the Inherit button.
  16. Click New > Browser Flash and locate the XML file.
  17. Save all settings and try to reconnect using AnyConnect Mobility Client.

If you can’t access the VPN server settings, use a remote desktop solution like Mikogo instead of RDP.

  1. Disconnect from the RDP.
  2. Download and use Mikogo to connect to your device and then to the VPN in the remote session.
  3. Disconnect from Mikogo and connect to the RDP.

The VPN connection should still be up even after you disconnect.



Make remote desktop connections quick and fast with this user-friendly tool!
Check price Visit website

At this point you should be able to connect to your remote desktop without a hassle. If you keep experiencing problems, maybe the VPN client is not the best for you.

Check our overview for the best alternatives to Cisco VPN for better performance and improved privacy.

In conclusion, if you receive the VPN establishment capability for a remote desktop is disabled error message when trying to remotely connect to your office using Cisco VPN in RDP mode, just follow the steps above.

You can also read our in-depth article on how to correctly install Cisco VPN on your Windows 11 PC. It will help you avoid any errors along the way and maybe even save a little bit of time.

Leave a Comment