FIX: VPN establishment from a remote desktop is disabled

Elena Constantinescu
by Elena Constantinescu
VPN Expert & Privacy Advocate
Last update:
Affiliate Disclosure

  • The VPN establishment capability for a remote user is disabled is caused by problems with Cisco.
  • If you are using earlier versions of the program, Cisco will connect and disconnect instead of giving you an error.
  • Fix this network connection issue by configuring your Cisco Adaptive Security Device Manager.
  • To access the VPN settings if you are unable to, you should use a third-party remote access tool.
fix cisco remote desktop connection problems
Looking for reliable and safe remote desktop software? AnyDesk helps millions of users and IT professionals connect, collaborate, and solve various technical issues. Some of the key features include:

  • Banking-level encryption and total privacy
  • Multi-platform support for all major operating systems
  • Quick and Intuitive file transfer
  • Low bandwidth consumption and fast ping response
  • High frame rates to ease troubleshooting
  • Get Anydesk

If you try to create a VPN connection using Cisco VPN, you might get the VPN establishment from a remote desktop is disabled error message on your screen.

However, you can quickly and easily fix it by following our set of instructions below. The solution is pretty simple and straightforward.

Those who use early versions of AnyConnect 4 might not see this error. Instead, Cisco connects and then immediately disconnects, which should be a sign that something’s wrong.

Plus, if you have debugging mode activated, you might receive the Profile settings do not allow VPN initiation from a remote desktop message.

That’s why it’s important to update the Cisco AnyConnect Secure Mobility Client to the latest version before proceeding with the following steps.

5 Best VPNs we recommend

PIA VPN 79% Off
+ 2 free Months
sale-coupon Check offer!
CyberGhost VPN 83% Off (2.25$/Month)
+ 3 free Months
Check offer!
NordVPN 68% Off + 1, 12 or 24 free Months (random prize) Check offer!
SurfShark VPN 83% Off (2.21$/Month)
+ 3 free Months
Check offer!
BullGuard VPN 76% (2.83$)
on 2 Years plan
Check offer!

How do I enable VPN establishment on Remote Desktop?

  1. Connect to the ASDM (Cisco Adaptive Security Device Manager).
  2. Go to Configuration > Remote Access VPN > Network Client remote Access > AnyConnect Client Profile.
  3. Set a Profile Name and pick a Group Policy to apply it to.
  4. Click OK.
  5. Set Windows Logon Enforcement to SingleLocalLogon.
  6. Set Windows VPN Establishment to LocalUsersOnly*.
    • You can also use AllowRemoteUsers if the solution doesn’t work for LocalUsersOnly.
  7. Save the profile as an XML.
  8. Connect to the firewall’s ASDM.
  9. Go to Tools > File Management > File Transfer > Between Local PC and Flash.
  10. Select and upload the XML you previously created.
  11. Once the file is uploaded, click Close.
  12. Go to Configuration > Remote Access VPN > Network (Client) Access > Group Policies.
  13. Select your Group Policy for your AnyConnect clients.
  14. Head over to Edit > Advanced > SSL VPN Client.
  15. Find the Client Profile to Download section and uncheck the Inherit button.
  16. Click New > Browser Flash and locate the XML file.
  17. Save all settings and try to reconnect using AnyConnect Mobility Client.

If you can’t access the VPN server settings, use a remote desktop solution like AnyDesk instead of RDP. The program works flawlessly in combination with any VPN.

  1. Disconnect from the RDP.
  2. Connect with AnyDesk, and then to the VPN in remote session mode.
  3. Disconnect from AnyDesk, and connect using RDP.


Enjoy no latency, full compatibility with every device, and superior performance with AnyDesk

Get AnyDeskVisit website

In conclusion, if you receive the VPN establishment capability from a remote desktop is disabled error message when trying to remotely connect to your office using Cisco VPN in RDP mode, just follow the steps above.

This article covers:Topics:

There are no comments yet. Please leave a comment

add a comment

Leave a Reply

Your email address will not be published. Required fields are marked *