AnyConnect interrupts Windows Cumulative Update Install
Hi, I'm posting this to see if anyone is having a similar experience. We have 1500+ clients running on VPN with a mixture of AnyConnect 4.8 and 4.9 installed. Over the last few months we have seen an issue where the rollout of the Microsoft Cumulative Updates fails on some of our end user devices. We have found that in some circumstances on those machines, if you disconnect the VPN before installing, then the updates complete.
Our build team did some analysis on the Windows logs and found that the update process is failing when there is a call to the SID of the ciscoacvpnuser - which is the restricted user installed on the device by AnyConnect. The failures are not consistent, however, and we have seen the same device complete the updates at another point in time, with the logs showing the call to the same account SID completing OK.
My belief is that the update process is failing as there is a resource conflict between it and the AnyConnect client and that this is an issue of timing rather than a bug in AC, hence why it only fails sometimes. However, as it's causing an inconvenience to our userbase (people often have to run the update process 3-4 times to get it to work), I want to see if there is anything that can be investigated to prove that assumption.
I would greatly appreciate any response if people have seen similar issues on their network.