06-30-2014 12:18 PM - edited 02-21-2020 07:42 PM
Hi All,
Has anyone ever had an Anyconnect VPN client just lose connectivity in the middle of a session? The user connects via VPN fine all internal resources are available and they can get to things. Within a certain time frame the user all of the sudden cannot get to internal resources, but tunnel is still established and connected. They cannot ping internal resources nor can I ping the client IP of the user that is connected. I see the connection still there within the CLI. The user can log off and log back into the vpn and work again, but the issue may creep up again. Any one else seen an issue like this?
Thanks,
Bill
07-01-2014 01:46 AM
I have seen issues where users were kicked off the VPN randomly but the cause of this was that the VPN IP pool was exhausted so they were not able to log back in.
Does this happen often?
Have you checked the logs for any anomalies or anything that might indicate a disconnection of some sort, even though the user account seems to still be connected?
--
Please remember to select a correct answer and rate helpful posts
07-16-2014 12:56 PM
The client side says it is connected and when I look at the ASA the username connected is still listed. I'll have to check on the logs and such to see if there are any anomalies.
07-17-2014 12:43 AM
Hi ,
I ran into a similar issue before and saw that user was shunned from the ASA and thus VPN session was up but traffic was not passing.
Try "show shun" to see if the client's IP is listed there or not.
If that does not help, run test traffic (continuous pings) from VPN client and run captures on inside interface (to see if the packets are reaching there). This will tell you if the packets are even reaching ASA .
Regards,
Dinesh Moudgil
P.S. Please rate helpful posts.
11-25-2020 11:10 AM
@Dinesh Moudgil wrote:Try "show shun" to see if the client's IP is listed there or not.
Thank you Dinesh,
We had to change our VPN addresses a while back and forgot to update the shun exception. I know this was an old post, but it helped us out.
11-26-2020 06:29 AM
Hi @AlexOlson,
Glad this helped you
Thanks,
Dinesh Moudgil
10-30-2014 05:03 AM
Our clients are Windows 7 and this doesn't happen to everybody if at all many. On occasion I have had the Anyconnect client reinstalled on their workstations and it seemed to work. Not sure if the Anyconnect service/drive gets messed up. I haven't had the chance to packet capture the inside interface while the client was connected. I figure if the problem was the ASA that more folks connecting would have the issue.
10-29-2014 01:52 PM
I am having the same issue with some windows 8.1 machines. Everyone else works fine. Concentrator and client both show connected but no traffic passes. disconnect and reconnect fixes the issue temporarily.
Have you gotten a resolution?
Show shun statistics shows 0 shuns...
vpnc60a# show shun stat
outside=OFF, cnt=0
inside=OFF, cnt=0
management=OFF, cnt=0
CH
10-30-2014 05:06 AM
I myself have not got a resolution yet except for having the client reinstalled and that isn't 100% guaranteed. I have also seen where some setting or something with the user's home wifi router causing issues with VPN.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide