06-27-2023 06:09 AM
Hi All,
I'm having an issue with Cisco AnyConnect that is increasingly causing an issue. I have a Cisco Firepower managed by FDM with an identity source of our on-prem AD server. The identity policy is set to produce a captive portal when the browser opens.
What we're seeing is that random users at random intervals will lose connectivity to Outlook, web browsing and network shares, despite the AnyConnect client saying it's connected. This will last for 10-15 mins and often the users will need to disconnect and reconnect to the AnyConnect client.
I've cleared connections, failed over to the standby device, force logged off users from the CLI and rebooted the devices, and am still seeing users experiencing the same issue.
Anyone had this before?
06-27-2023 07:57 AM
What version is running on the FDM? It does seem the FDM loses the user-IP mapping. When this issue happens, could you please run the script "user_map_query.pl -u < an affected username >" and see if you see the IP of that user in the database table? This script should be run from expert mode. Another useful command for troubleshooting in this case would be "system support identity-debug"; this can be run from the clish mode.
06-27-2023 08:34 AM
Thanks, I'll give it a go next time it happens. Currently on version 7.0.4-55. Is there currently any support for it losing the user-IP mapping that you're aware of?
06-27-2023 08:46 AM
Not really sure, but you can take a look at the bug search tool and see if there is any reported bug that would match the behaviour you are seeing:
http://tools.cisco.com/bugsearch/
06-27-2023 08:10 AM
You have FW HA active/standby and the web browser is not working fine?
Check the HTTP replication between the two FWs.