06-08-2021 07:49 AM
I connect to my company VPN with AnyConnect (using this rather than openconnect to allow single sign on to work).
When I run a docker container that's not using network driver "host", my VPN disconnects then reconnects. My VPN connection is still functional on the host and any containers running with network driver "host" can still access VPN resources.
So everything works. What is like to know is what exactly is causing this behaviour and when I know that, is there anything I can do to prevent it.
docker create network -d bridge my_network doesn't cause the disconnect. It's only when I use the network (and ip link show shows it's created a virtual Ethernet interface using my bridge as master) that the disconnect and reconnect happens.
I have docker and Cisco AnyConnect on an Ubuntu based distribution (though have seen this same behaviour on OpenSuse and Fedora)
I have realised today that when building a container, it also disconnects and reconnects the Linux Cisco AnyConnect client.
08-03-2021 03:00 PM
I have this problem, too. Found any solution for this?
12-21-2021 06:41 AM
I have the same problem. It's really frustrating because I have no alternative VPN software to use on Linux because my organization uses Okta to complete authentication which has tentative support in openconnect, so that's not an option. I run AnyConnect 4.9.06037 on Ubuntu 20.04.2 LTS. My symptoms are:
02-20-2022 09:48 PM - edited 02-21-2022 07:36 PM
Pleased to see your issue as I think I have the same problem, I am also confused and in need of light on this same issue.
02-21-2022 07:39 PM
03-24-2022 08:37 AM - edited 03-24-2022 08:38 AM
I'm seeing this in the acvpnagent log
Mar 24 11:27:13 breg acvpnagent[1073]: A new network interface has been detected.
Mar 24 11:27:13 breg acvpnagent[1073]: IP addresses from active interfaces: br-a708d64e944d: 10.120.4.1, FE80:0:0:0:42:A3FF:FE62:3B3A cscotun0: 192.168.10.173, FE80:0:0:0:9278:6299:C7E0:2EE9, FE80:0:0:0:FCE3:2ED6:AFFA:33E6 veth42944f2: FE80:0:0:0:DC1D:27FF:FE31:3172 veth6fd49bf: FE80:0:0:0:C898:92FF:FEE3:55B0 vethc4b8f2a: FE80:0:0:0:CC09:80FF:FE50:1ECA vethc6d1817: FE80:0:0:0:C05A:54FF:FE3C:343E wlo1: 172.24.28.9, FE80:0:0:0:F959:9CAB:6553:693
Mar 24 11:27:13 breg acvpnagent[1073]: Reconfigure reason code 15: New network interface.
So it seems like any new interface change (e.g. docker) will cause a "reconfigure".
10-04-2022 08:59 AM
Ask your account team to push it further. Currently it exists as Enhancement request. - https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwc70093
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide