Running into an issue with AnyConnect and OKTA SAML with 90 second delay between authenticating and actually establishing the connection.  Initial login/redirect/MFA is quick then the client shows "establishing connection.." and 90 seconds later (give or take) the connection establishes and user can pass traffic.  

DART logs show the below which clearly shows a long delay between "Retrieving device details from cache" and "received VPN session Configuration settings."   14:23:14 > 14:24:54 or right at 90 seconds.

Note we have other profiles not using SAML that have never had this issue so I simply not sure what would cause this.   Logs on OKTA side show everything happening within a couple seconds so I attribute this to something on the ASA/FP side but what I don't know.  

Date : 02/09/2024

Time : 14:23:14

Type : Information

Source : acvpnagent

Description : Function: CCstpProtocol::startHTTPNegotiation

File: c:\temp\build\thehoff\phoenix_mr70.316886046509\phoenix_mr7\vpn\agent\cstpprotocol.cpp

Line: 1026

Proposed base MTU is 1500.

******************************************

Date : 02/09/2024

Time : 14:23:14

Type : Information

Source : acvpnagent

Description : Function: DeviceIDInfo::getDeviceDetailsFromCache

File: c:\temp\build\thehoff\phoenix_mr70.316886046509\phoenix_mr7\vpn\common\utility\deviceid.cpp

Line: 304

Retrieving device details from cache

******************************************

Date : 02/09/2024

Time : 14:24:54

Type : Information

Source : acvpnagent

Description : Current Profile: client-profile.xml

Received VPN Session Configuration Settings:

Keep Installed: enabled

Rekey Method: disabled