Anyconnect issue

er.vansh17091 · ‎09-16-2019

Hello Folks,

This is regarding anyconnect VPN issue.

One of the user has reported like when he works from home ,VPN is frequently disconnecting (twice in 30 minutes).

Now I've few questions:

In order to troubleshoot I tried to download the DART file but unable to get through. it was asking to share it via mail.

What should I check in dart file?

What commands should I prefer to check the VPN anyconnect on Cisco device?

Which Ip should I prefer of the user from ✓ipconfig /all ( asa VPN gateway ip, local isp ip, user public ip address?)

Should I user any comcommndsmnds to check session on Cisco device like show local-host up address .

Just Guide me , I don't have much experience on anyconnect VPN.

Mohammed al Baqari · ‎09-16-2019

Before checking DART, can you try to disable DTLS and check if it fixes the
issue? This will use TLS only and isolate possibility that your ISP is
blocking UDP443 as being encrypted.

er.vansh17091 · ‎09-17-2019

Hello MAB,

Thank you for prompt response. Can you do let me know where I have to disable the DTLS? Should I disable it on ASA (config>Remote access vpn>client access >Group policy) I.e not possible for single user, where on ASA>4000 users are connected via anyconnect.

Or have to disable on Windows maching in regedit? If yes what attributes should I change over there? Do we any cmd to disable or enable the same via cli?

Apart from this I wanted to know that what needs to check in DART file just for knowledge?