AnyConnect Management Tunnel Issues

manofsteel03 · ‎07-29-2022

Hello,
Currently we have AnyConnect deployed for our users to connect to the VPN which has no issues on this profile. We setup a new test AnyConnect Connection Profile which has a Group Policy configured to download Client Profile which is the management tunnel.

In the AnyConnect Client Profile for the ManagementTunnel under the Preferences (Part 2), the Automatic connection is enabled for detecting Trusted and Untrusted network.

However, we are seeing a bit of an issue with this test profile that we haven't been able to figure out why and hope someone can provide some tips on where to check.

1) Every time computer boots up and user login to Windows, AnyConnect client will open and try to connect to the test user vpn profile and requests the user to enter their credentials. User can hit cancel and then the Management Tunnel connects. Everything works fine at that point for a while.
2 ) After about an hour or two, the AnyConnect client will open again (disconnects the Management Tunnel) and asks the user to login to the vpn. User can hit cancel again and management tunnel connects back.

What we are expecting is:

When a user login to Windows, the AnyConnect should not open and try to connect to the vpn.
When the user is not connected to the user vpn, the management tunnel connects and stays connected until the user initiates the VPN connection request on AnyConnect.

Thx in advance for any assist provided

MHM Cisco World · ‎07-29-2022

share the anyconnect config

ashish.kushwaha · ‎07-29-2022

you can refer the url you will get some idea to solve your issue.

https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect41/administration/guide/b_AnyConnect_Administrator_Guide_4-1/anyconnect-profile-editor.html

,,
Ashish K
***Please Rate Helpful Responses***

Aref Alsouqi · ‎07-30-2022

Maybe you have Auto Connect on Start enabled in Preferences part 1 page?

andy_4578 · ‎08-10-2022

Was a solution found? were experiencing the exact same issue with the management tunnel where the AnyConnect client will randomly popup trying to manually connect, this disconnects the Management tunnel until you cancel the AnyConnect connection. This happens randomly every few hours for all users.

AutoConnect is disabled in the AnyConnect profile under Preferences page 1

EthanIsenberg75263 · ‎03-30-2025

I am having the same issue - did anyone determine what the fix is?

an.balsby · ‎05-20-2025

Old topic, but i am currently facing exactly this issue.

Did anyone solve this?

andy_4578 · ‎05-20-2025

The fix for us was to remove anyconnect from the client startup, either through task manager or a registry change. We push the registry change via intune

an.balsby · ‎05-20-2025

Thank you for answering.

But would that not prevent the management tunnel from connecting?

andy_4578 · ‎05-20-2025

Anyconnect or secure client should be running as a service, the application doesn't need to be running as well. As a test, close the application and make sure it is closed, not hiding in the system tray. If it is hiding in the system tray, close it from there as well. Then make sure the management tunnel is still running by pinging something across the tunnel. Don't open anyconnect to check the tunnel or you'll be back where you started.

an.balsby · ‎05-20-2025

You are right. This could be a workaround. Thank you for answering