IT: Support/Helpdesk (Troubleshooting Cisco Vpn In Depth Level1)

Video Statistics and Information

Video
Captions Word Cloud
Reddit Comments
Captions
hey guys I doing it Scouts I can't bring you another video on information technology I hope you're having a good day happy Sunday and today I want to go over Cisco anyconnect or cisco VPN in death as a level 1 IT support guy so what do I mean by that I want to go over everything about cisco anyconnect how to connect to VPN and I want to show you things that you should be checking when you're helping a user we help a kline etc etc etc so before I go into that you're new to my channel and do comte videos to do IT support videos let's talk about how to get it to desktop support tech support IT support I also do job interviews as well and to people from different companies and therefore an IT environments and I go live here and there I do live training sessions so I was always very common subscribe hit the notification bell that way you know when I go live and I'm gonna share my stream of you right now so let's go right into this alright and I've been I've been waiting to make this video by been super busy about it so sorry about that I've been avoiding it because I will do you know busy alright so let me share my screen with you give me a second all right troubleshooting VPN in-depth so this is troubleshooting VPN in def for level 1 level low just level 1 there's no level 2 or any other uses for desktop support IT support tech support people are new 90 they're helping use it with VPN issues alright so you need to understand that when you log in and you can make to rather a Citrix whether it's your your mail app or it's cisco cisco anyconnect the VPN you always gonna have some sort of authentication so you have to you have to log in with you have to login with username and password but then there's some sort of authentication so what I mean by that there's an authentication - so basically you have to allow it on your device you'll have this application which is called the mobile or RSA a Google Authenticator and and it might give you a code it might give you a temporary bypass code or you might get a push you might get a notification you might get a call me like it's like in this picture right here so you have to keep in mind that that um part of working with Cisco anyconnect because you know we don't give a Cisco a connected because the majority of the world uses it yet their two factor authentication allowed on that person's on that person's mobile phone so say for example was name Jeff Smith for whatever he has to have do on his phone always VPN will not work you click connect connect connect and it just doesn't do anything it's not gonna work so you have to get it that hasn't have dual to mobile or whatever you know whatever your company is using you know IRA companies different I can say that the company are gonna work for they're gonna have dual maybe another company might have our say maybe one might have Google a Decatur maybe one might have something else so you you the reason I'm going over this is because you have to know this you have to understand how the DPN works and you have to know about authentication so that's part of our job requirement as an IT guy so that's ongoing our IT girl so I'm going over this so there is there is a send me a push call me into a passcode and then once you do that you're able to connect to the VPN so that's that's pretty much it and I'm gonna I'm gonna show you step by step everything that usually goes on when you doing these things alright so common issues that you will deal with when it comes to dealing with VPN issues so you have an issue where either the account is locked out so you might have to go into Active Directory and unlock their account their password is expired so I'm gonna show you everything I'm talking about right now I'm going to connect into my I'm going to connect it to my virtual machine right and I'm gonna show you what I'm talking about so let's just say for example is this hypothetical obviously it's not you know it's not like a real person but Aaron Wells right maybe maybe maybe he'll account is locked I don't know so you might have to go into Active Directory so you might have a shortcut here so if you want to get into it you may have to go into server manager and then you might have to go into tools and you have to go into Active Directory users and computers and then when you click on that it's mine my um my VM is a little slow pardon me about that do it a second when you click on that it should pop up so yeah it's freezing for me there we go oh it's fizzing it updates that's fine when you click on that and close out of that when you click on it it should open up and then you know it's not going to be on is obviously it's not gonna be on user is gonna be on cats like that local whatever your domain name is whatever it could be MSP calm obviously you could right-click on and search for the user and just put their name here so like I have Aaron Wells you know he's right there or you could go to the users folder dipping how your environment set up it will have multiple folders and different OU's and stuff like that I don't want to go in depth in that I just want to show you what you know what goes on without with with Cisco anyconnect or Cisco VPN so then you you know you search for the user and you double click on them and then I'm not gonna count that's it that's all you have the young man do anything up something fancy and can you please try to connect again to VPN sure and then hit connect and then you put the password in and then they get a notification on the phone and then after they get notification on the phone then they allow it and they're able to connect to the VPN so that that's problem number one to solve that front problem or one passwords expire you want to check that as well so how do you check that you go into Active Directory again obviously when you do all this you want to find out what their user name is what's the first thing what's the last name the easiest way to make sure that the user is calling you and it's the actual user themselves and I'm gonna tell you how to do this is if you go into your little mobile new mobile account so you have so everyone has IT support help desk or desktop support you have a dual mobile account you search for the user here right so like my name is Kalpana research for you here and you should have their first name their last name their email address and if you scroll the way down they should have the phone number down there so you know I'm gonna show you my number obviously but yeah you put you know that's them because it's their phone number showing up right there so they'll have the first name there in a company email address and their phone number and then and you know when they're calling you from the phone you know they called me from the phone or you could accidentally what's your phone number and what's your email address and then when they tell you that okay this is this is the real this is the real Aaron Wells this isn't a fake everyone's trying to get into the system you know you want to make sure you do all that before you before you start changing passwords or unlocking account or anything so just letting you know that's that's part of iti as part of IT support helped us it's confirming who the user is especially when you're working from home now you want to make sure that you know that that person that you're working with or you're dealing with it's the actual person it's not some rare trying to call trying to get into the system okay so that you know be careful with that just make sure you confirm what the user is first before you start unlocking accounts all right so now how do you confirm that Tim okay what's your user name your name is Aaron Wells yeah Aaron Wells it was okay let me see and then you you know you go into CMD type net you type in it space user anytime Aaron Wells right space slash domain so now you know the password expires actually the expires this month but make just just protect the dates they expire already right so I'm sorry so what's going on as your accounts expire so this is the reason why you cannot log in this is the reason why you're having issues with your login so we have to we have to reset your password I'm gonna make sure I'm gonna help I'm gonna help you reset your password and then you you know you basically reset their password so you right click here reset password you put whatever you want don't put usually must change on next login because I noticed that causes a lot of problems when people are connecting to VPN don't do that just uncheck that change the password for them and then when you do that while connected to the VPN do control delete and change pastor and help them do it that way that makes sense you change the password and then when you do as you do can you please them if they're on VPN now they do control with the Lea and then change your password and then you know you put the old-fashioned end the one that you gave them make a new one hit sign in and connect and then make sure that on VPN and it should take the new password then when I taste the new password you know that it's working and you want to test it out so you wanna you want them to I know it's it's an insanity check but just to make sure that they're not having issues you want to make sure that they disconnect from VPN they reconnect back to VPN they get to do mobile authentication on the phone like you know from normal they have and after that make sure that their password is working the new one is working and they could connect and everything they leave them alone all right you're good to go there's anything else I can help you with no no I'm okay for now all right thank you have a great day so those are the kinds of issues you're gonna have another issue you're gonna have is accounts locked out of dual or say a Google Authenticator so you know like I told you before you to have the authentication has to be there because if it's not there they can't log into VPN is for security reasons all these companies have two-factor authentication because we have to make sure that it's them it's not some random guy trying to get into the VPN so for that you go into dual mobile to do mobile console here I will say locked you you basically unlock the account here no we are locked screenshot which I could show you if you want me to show you I shouldn't me just show you little mobile lots you could see what it looks like if I could find it if I could find something here maybe maybe now oh here we go family there we go so this one do mobile locked out show you this one see where it says active bypass and what happens is trying to get you a screenshot of it cuz I can't find what I have you go don't want will locked out so the thing is that they get locked out and it's gonna say something like that so locked out for 90 minutes locked up for 10 minutes like that for 40 minutes and you have to click on active under on my on my learning whatever you haven't set up on on mine you had active and then you hit safe as a monk will save down there so you'd save and then and then have them try logging in again and it should work sure work after that so those are some weird issues you're gonna encounter but that's basically what it is and I'm being honest she never encountered that Wi-Fi needs to work for VPN to work hours this is a common-sense one if you don't have Wi-Fi VPN is not gonna work you need Wi-Fi you know you can't you can't just connect on the fly is then work that way so make sure they have Wi-Fi on VPN for work VPN profile is missing on the C Drive or VPN certificate is missing what the hell the hell what the hell does that mean I'm gonna go over that right now don't worry about it so we'll talk about that in a couple minutes on the last ones I forgot to add it actually do all the isn't getting notifications so timing matter so if someone has dual mobile on their phone and they're connected to the VPN sometimes you have an issue where the user or the client has no service on their phone and their phone service is really bad and they don't get a notification there's I'm gonna call me they don't get send me a push and we get a text message it's because their phone is bad so you might have to put them on Wi-Fi you might have to restart the phone and they're probably having issues connecting to the VPN because they're cuz you know it's a two-factor authentication you gotta allow it on your phone maybe their phone is messed up so you might to make sure that their phone is working - part of logging into VPN is making sure that the phone is working so if their phone is working then you're not gonna have that problem sometimes your problem or there's no service on their phone and then you know you can't do anything you gotta get my passcode like like you gotta go here and then you gotta give them a bypass code so you don't click add a bypass code right here and you give them a bypass code and that will be the only way to actually let them in you know and I always think we never do we never do bypass status and then hit save changes and skip what education we never do that if you do that in your job you're gonna get fired I'm telling you right now do not do that this is basically allows them to just log in automatically allow any type of authentication if they're connected to BP and they're going to webmail they're going to - to any website or anything that has to do with the company and you have to factor authentication enable and you do bypass for them do not do that if you do that you're gonna get fired on your job I'm letting you know right now I'm not joking about that so you're gonna get fired they'll not do that make sure it's always active if not give them a bypass code alright so how to troubleshoot so now we gone over the basic stuff now I'm actually gonna install it on this computer and I'm gonna show you what happens when you connect when you install cisco VPN and i'm sorry it's gonna be a really really long video but it's because you have to know this okay so now I'm going to so Cisco VPN I'm gonna my downloads folder I have the decliner on here somewhere I could find it cuz I do have it let's I installed Cisco already probably not packet tracer oh here you go so you so basically you're on a website so become the company so you have to understand that and you're in your environment the company might have a web portal that they log into and they download the Cisco anyconnect client so what do I mean by that so the company are you working for I have a certain website at they go to Oni and that they have their own like ms/ms i or or that Exe file and they download and when you download it it installs that's the certificate the profile and their you know everything on the computer and then you're able to use VPN after that so it depends on the company other companies look like can you can you to go and download cisco anyconnect on the website and all know cisco anyconnect and you might have to go into cisco anyconnect website and you may have to download it right over here you might they go into downloads and you may have to download the four point seven one or whatever they give you you know whatever version you have you know because you got to remember that they have different versions so maybe some companies don't support it maybe they do support it I don't know it depends on the company like I said so this is installed it real quick alright then install it to my head run and you know it looks a little wonky which is totally fine so this doesn't anything supposed to work so there we go next next next install and I want to show you how this works all right so you're gonna see on the bottom right hand side a globe if it's not open you might have to open it so you hit the Start menu you you click Cisco anyconnect right so now you have this weird thing right this is strange strange thing right I am not sure what that is I'm gonna click on it so this is there's this thing called VP and I and accomm I'm gonna connect to yeah I'm gonna connect to that one so I'm gonna make that so this is a test VPN that was created for anyone I want to test VPN by the way this is Chris oh you're gonna get that screen you saw that message this message you're gonna get the screen if the certificate is not trusted or the site is not trusted you could change the settings on it obviously and I'm gonna show you what happens when you do it so when you when you work when you have a cut when you work for a company this is gonna be there this is gonna be calm or whatever the name of the company so I'll be like MSP calm whatever you know so some companies might have a name here it has to it has to have the name and the name doesn't pop up unless you install the profile on the computer so remember I told you about this we went over this like maybe certificate is missing the profile is missing so where would you go to a profile how would you go to a profile how do you troubleshoot that so there's a level one technician you need to know that sometimes these companies have profiles that you install on the local computer and so in the laptop when you image the computer so when you build a computer you image it it comes with VPN already and it comes with a profile installed on it so where's the profile located so it's actually located right over here I'll show you so you go into C Drive local C and it's not here it's actually program data so if you type program data hit space you're gonna have this folder called Cisco and you have this folder called Cisco anyconnect security and you hit profile and then we hit profile there's gotta be a profile right over here so I'll be your company profile MSP com I don't know Amazon Yahoo Facebook whatever you're gonna have a profile right here and edit that profile is right here that means that means that it's correctly set up and then you'll have a URL right here because that profile works together with the URL down here in the bottom right hand side just remember that so if you're doing level one Supporter IT support and you and you and your company like the website connect the website automatically in the bottom right hand side he knows the bottom right hand side and you're troubleshooting a computer and there is no website down there for some weird reason then you know something wrong with that computer you know that they're missing the profile for that for your company so you might have to manually install the profile on the local c program data cisco anyconnect profile you might have to add a file in there for this to work some companies might have a profile so Kony's may not have a profile depends how it's set up in your environment but for me my personal environment the jobs I worked before they usually have a profile that you put on it's a profile that's loaded on the computer and that you have to manually put it there that makes sense so I'm just you know I have to go over this because you might you might encounter this in your job alright so now that that's done and I'm gonna connect to VPN and I'm back up okay you're getting this weird error message and yeah change the settings so you are you hit blog notifications and trusted servers and you connect obviously you do not do this in real life to not do this in real life obviously this is just uh it's just for you know for practice only if that makes sense so then you log in and then if you're if you're not in the IT environment you get a you get a you got a two-factor you get a two-factor authentication and you know you'll allow from your phones you for your password in you hit OK you'll learn from your phone you trust it or you allow it and then you're all set and anyway and then it's gonna download the VPN adapter and I'll show you what that is I'll show you how to get to that and I'll show you how to troubleshoot that so now we're fully connected right and all when you're can I got me P and you've done something you can VPN all the stuff that you normally do in your job in the office is show work now so the H Drive should work the share Drive should work outlook should work now anything that you have that's in the office it should work now Outlook Excel Word PowerPoint it work anyway are you opening shared Drive stuff that's on the network on the in the office now it should actually work while being in a laptop so you shouldn't you shouldn't have this issue now so now you're on VPN you should be able to share drives you should be open up all your stuff you should be good to go now how do you check the Cisco anyconnect adapter so you go into the start menu you go in and type control panel you go into view Network Status you going to change adapter change advanced sharing settings I'll change that to saying sorry change other size and there's this thing called Cisco anyconnect I hit properties and you hit ipv4 you know you notice that automatically it gives it an IP address um that means it's working their way supposed to work so some companies the VPN might not work properly so you might have to some companies like some network admins they might give you an IP address you have to manually put down here and you hit OK and then beep Anne's gonna work after that so I don't know it's just some weird issues that you might encounter I'm just letting you know as initially I encounter so you might have that issue you might not have that issue obviously the common issues is if Wi-Fi is not working on the laptop you know you're gonna have a lot of problems obviously so now the certificate how do you get into the certificate I'll show you how to do that right now and we'll close off this video so I hope this video helps you out so you want to open up MMC as an admin she'll run as administrator obviously you know you know I have admin rights here so I could do it I could do whatever I want you go into you go into add add and remove snapping I believe it's that one yet is that one you hit certificates you can add by a computer account local computer finish finish finish so now you have this thing called personal right so here there should be a folder for VPN for Cisco anyconnect so that you know right now you might not see it on this you know this is I'm testing I'm testing something so I might not you might not see it here yeah I remember that this is a test VPN connection so you might not see it on my computer but normally you'll have like Cisco anyconnect of some sort of Cisco thing on the certificates and you might have to your you might have to allow it or you might have to add a certificate on the computer you depends on the company every company is different so you might see certificates here some some certificates might be missing from the computer or laptop and then you can connect to VPN so you might have a bad computer you might have a company you might have to reimage you might have a computer that the VPN the VPN doesn't want to work or obviously to troubleshoot VPN you might want to try login as yourself connected to the user's computer so the computer can connect if the user can't connect to the VPN and it's not working for them at all but it works for you for example then you might want to you might want to open up UPN right over here and get out of this this is troubleshooting stuff you might want open up in here a hick hit connect connect with username connect with your password and then what you do is you you once you're fully connected you go into CMD and you're on gpupdate force because maybe the policies are missing on that computer and you want GPL play force you get the policies yet pushed in on that computer and then you disconnect VPN and you have them try it again that might fix that problem but like I said it might be there are counters locked out maybe they're locked out of door there two-factor authentication maybe their password expire or maybe they're missing the the roaming profile or the profile on the C Drive program data so that's pretty much everything in the nutshell and I hope this video helps you out so now you can say that you understand IT support help desk or tech support VPN in debt basically you could troubleshoot in so many different ways I hope this video helps you out obviously the only thing we could do as an IT person helped us desktop support our IT support is uninstall and reinstall it if you try everything and doesn't want to work on this or install they might fix it as well we can't do anything beyond that if it doesn't work if it doesn't work for him and if it doesn't work for you and it doesn't work for a bunch of other people and that means you're having an issue where the network is completely down and VPN cisco the Zenda is n scalar the the cisco scalar is probably down urgings down probably right now so you might have you might have to escalate it to the network admin you might have to escalate it to them to manage me you know whatever your company set up as and you may have to escalate to the specific person to look at why it's not working if it doesn't work for anyone and it's not working for them and it's not working for you then we have a big problem and VPN doesn't work for anyone so well you want to troubleshoot is basically this videos you want to troubleshoot everything you possibly can before you escalate the ticket to a level to lie or to a server admin or to a network admin you don't want to just start oh it's not working okay it's not working I give up all right here I go look at it and you get create a second did you try this you try that just try this it's right you know sometimes this issue with the wife are the wife are those the wife is probably not wife I might say the wife I might say connected all right and it is not connected and it doesn't work you know does it work on your phone it's not working you're working your iPad no doesn't work on your iPad so you may have to restart your router oh they have to contact the ISP you know you don't know so this is like little things on troubleshooting 101 so anyway thank you for watching my video I greatly appreciate it as always rate comment subscribe give me a thumbs up I greatly appreciate it I hope this video helps you out is she doing that T support that stuff some more technical support and that's it that's all I got for you for today alright you guys have a great day and I hope you guys have a great week happy Sunday take care peace later
Info
Channel: Kevtech IT Support
Views: 18,926
Rating: undefined out of 5
Keywords: IT, information, technology, kevtechnerd, kevtech, hedge, funds, engineer, desktop, support, cisco anyconnect, duo mobile, rsa, 2 factor authentication, helpdesk, servicedesk, technical support, tech support, microsoft, mcsa, mta, comptia a+, troubleshooting cisco vpn in depth, troubleshooting vpn, IT support, pc technician, common IT issues, account locked out, password expired, wifi, ciscoanyconnect, work from home, wfh, kevtech IT support, troubleshooting vpn issues, entry level IT
Id: dXJ7cEODCpU
Channel Id: undefined
Length: 25min 0sec (1500 seconds)
Published: Sun May 03 2020
Related Videos
Note
Please note that this website is currently a work in progress! Lots of interesting data and statistics to come.