I have a handful of users in the same Active Directory group that has disconnect and reconnect issues. They will connect then anyconnect will disconnect and reconnect them, usually 3 times in a row before it settles down. This issue has not been reported among the 400 or so other users. I am posting a picture of the users anyconnect history.
We are using Anyconnect 4.6.01103, on the log from the ASA I do not see this disconnect or reconnect.
I also have customers report this into help desk- the VPN AnyConnect behavior is that no matter which Wireless AP/SSID they connect to in remote locations (not in company building) once they establish the connection, within 2 to 4 secs, AnyConnect, begins disconnecting and reconnecting, about 4 iterations of, then stays connected for about 5 to 10 secs, and repeats/loops, the disconnects/reconnects. never settles to connected- AnyConnect v4.4.01054 on Win10-RS3- Since I technical do end user support, im not very familar with what might be going on in the backend of VPN-- Are there any steps I can take on the end user side, with administrative rights (all users are standard users) like: removing any network adapters and re-adding them, removing/deleteing any files for anyconnect that are used for config of client/tunnel, that gets rebuilt when relaunched-??? I have hundreds of customers, all with the same build of windows and configurations applied, same software versions, etc.. thank you for any feedback/advisement-
Hi Richard Lucht,
The reconnections could happen for multiple reasons, you can take a look to the following guide:
Considering you are describing a more constant reconnection that the one in the guide you need to get a DART so you can get a better idea of the issue:
I will also recommend you to check the following FAQ:
Considering the DART includes a lot of information that should not be shared publicly i will recommend you to open a case with TAC.
Hope this info helps!!
Rate if helps you!!
in my experience most reconnecting issues are related to dtls. Dtls is standard and it uses udp 443 for data and tcp 443 for control traffic. If udp 443 is not reachable is falls back to tcp 443. This is the reconnect.
Solution is to make asa available with udp 443 or disable dtls