Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
547
Views
2
Helpful
3
Replies

AnyConnect impacting traffic routes even when not connected?

jamicahermes
Level 1
Level 1

‎01-28-2024 12:07 AM - last edited on ‎01-28-2024 04:01 AM by Community Manager

we support multiple clients. Each having different VPNs. We are seeing this behaviour in our organization where even when Cisco AnyConnect is "not connected", but just sitting idle in the taskbar, the traffic starts showing up a different outbound IP (Singapore).

Has anyone seen this abnoxious behaviour?

And it's mostly showing up on Microsoft Sign-in activity and is driving our client's "Security" team nuts because as per their logs, we are accessing from "unauthorized" IPs.

https://vlc.onl/
Labels:
0 Helpful
3 Replies 3

balaji.bandi
Hall of Fame
Hall of Fame

‎01-28-2024 12:30 AM

Its all depends on the deployment of AnyConnect.

is this outgoing traffic on all devices ?  -   investigate what traffic is this ? IP address belong to whom ?

we are accessing from "unauthorized" IPs.

This is not clear - the Traffic coming in to the devices or in to your network when the user in Camus Lan or user working  from home ?

 

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Rob Ingram
VIP
VIP

‎01-28-2024 06:40 AM

@jamicahermes what AnyConnect modules do you have installed other than the VPN? If you have the AnyConnect Umbrella Roaming Security module the web traffic could be redirected to the Umbrella web proxies and egress from the Umbrella data centers.

Marius Gunnerud
VIP
VIP

‎01-28-2024 09:47 AM

when the issue is happening do you see the users connected to AnyConnect on the VPN headend?

Is this affecting all users at the client or a select few?  Perhaps they have IP anonymizer installed on their PC?

--
Please remember to select a correct answer and rate helpful posts
Top