- Cisco Community
- Technology and Support
- Security
- VPN
- Re:AnyConnect pre Windows login connects and disconnects for som
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
AnyConnect pre Windows login connects and disconnects for some users
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-18-2013 12:22 AM - edited 02-21-2020 07:14 PM
Hi,
I have Cisco VPN AnyConnect (version 3.1.0310) clients with a connectivity issue which manifests as follows:
A user boots their Windows 7 SP1 laptop up.
Before Windows login, the user clicks "switch user" and enters their Cisco AnyConnect credentials (this connects OK).
Once the VPN tunnel is established a user logs into Windows.
At this point, 1 of 2 things happen:
1. Most users VPN connection stays connected and user GPO processing\logins work as normal
2. For a minority of users, the VPN connection disconnects and then reconnects. The VPN disconnect and reconnect causes connectivity issues with mapped drives and Outlook (most likely due to GPO processing not applying as the VPN tunnel wasn't established at the required time).
There are no known commanalities between problematic users - all users are in the same OU and laptops are in the same OU, so they should be getting the same AD settings. The same user can login 14 times OK, but may experience this issue on the 15th occasion.
Within the profile xml file (stored in c:\program data\) the key "AutoConnectStart" is set to false for user controllable and default value. The XML policy settings are being applied correctly (we've checked Event ID 3010 within the Cisco AnyConnect Windows logs).
What we have noticed from using the back end Cisco monitoring client is that users who experience connection issues, connect pre windows login OK, but once they're logged into Windows the Cisco VPN AnyConnects seems to try and re-connect, which causes the current VPN tunnel to disconnect and re-connect. This disconnect and re-connect for users seems to cause issues with logon and GPO processing.
So far, the only rock solid way we've found of stopping this disconnect and re-connect behaviour is by configuring a system deny permission on registry key "HKLM\Software\Microsoft\Windows\CurrentVersion\Run". This key contains an entry for Cisco AnyConnect VPN. Unfortunately setting a deny on the individual node value isn't possible and if the key is deleted or modified the system re-creates it. I'd rather avoid setting a system deny on the key for all users.
Any advice on how troubleshoot and diagnose this problem is appreciated.
Thanks
- Labels:
-
AnyConnect
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-19-2013 11:17 AM
Can you verify if the vpn conncetion is stable without SBL?
Sent from Cisco Technical Support Android App
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2013 01:26 AM
The VPN is stable without SBL.
I'm guessing this isn't a known issue?Some pointers for troubleshooting would be appreciated.
It's as if the VPN connection establishes itself, then disconnects upon login as Windows tries to execute the VPN executable which disconnects a current established connection and brings up a new one - which in turn affects group policy processing, Windows profile setup and Windows login scripts.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2013 01:30 AM
Don't know, but I had similiar problems WITHOUT SBL and fixed them by disabling TLS (UDP) and compression within group policy.
Michael
Please rate all helpful posts
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2013 03:26 AM
Cheers Michael,
Any chance you could let me know specifically which gpo settings you disabled? Are they standard settings or did you need to download an admx template?
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-21-2013 03:47 AM
I mean the policy in the ASA:
group-policy XXX attributes
anyconnect ssl dtls none
anyconnect ssl compression none
anyconnect dtls compression none
Michael
Please rate all helpful posts
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-24-2013 09:42 AM
Just a bit more info. The connection uses IKE.
I now have remote management access. After several reboots I was able to re-create the issue and noticed the following:
VPN shows as connected
Outlook shows as disconnected - normal behaviour when client has an issue
ipconfig - shows correct IP details, including DNS
I can ping the DNS server, but when I perform a DNS lookup, I receive timeouts and cannot ping Exchange servers by name.
So, I then run a gpupdate /force on the client and Exchange now connects and DNS resolution works.
I suspect that because SBL is working before login, then disconnected and re-connected during Windows GPO processing this has screwed up some GPO settings. A gpupdate fixes the issue.
Any advice on finding out why a VPN connection would disconnect and re-connect during the initial login is much appreciated.
thanks
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
10-31-2013 06:37 AM
I've attached some log files in case someone is particularly keen eyed at spotting issues (all data is anonymized)
| 6 | Oct 30 2013 | 10:19:31 | 172.16.12.17 | 58124 | 10.5.128.21 | 8080 | Built inbound TCP connection 123678229 for outside:172.16.12.17/58124 (172.16.12.17/58124)(LOCAL\jpk789) to inside:10.5.128.21/8080 (10.5.128.21/8080) | |||||||
| 6 | Oct 30 2013 | 10:19:31 | 172.16.12.17 | 58122 | 10.5.140.210 | 443 | Teardown TCP connection 123678214 for outside:172.16.12.17/58122(LOCAL\jpk789) to inside:10.5.140.210/443 duration 0:00:00 bytes 11971 TCP Reset-O | |||||||
| 6 | Oct 30 2013 | 10:19:31 | 172.16.12.17 | 51368 | 10.5.141.155 | 53 | Teardown UDP connection 123678191 for outside:172.16.12.17/51368(LOCAL\jpk789) to inside:10.5.141.155/53 duration 0:00:00 bytes 110 | |||||||
| 6 | Oct 30 2013 | 10:19:31 | 172.16.12.17 | 58123 | 10.5.12.182 | 88 | Built inbound TCP connection 123678217 for outside:172.16.12.17/58123 (172.16.12.17/58123)(LOCAL\jpk789) to inside:10.5.12.182/88 (10.5.12.182/88) | |||||||
| 6 | Oct 30 2013 | 10:19:31 | 172.16.12.17 | 62455 | 10.5.141.155 | 53 | Teardown UDP connection 123678189 for outside:172.16.12.17/62455(LOCAL\jpk789) to inside:10.5.141.155/53 duration 0:00:00 bytes 430 | |||||||
| 6 | Oct 30 2013 | 10:19:31 | 172.16.12.17 | 58122 | 10.5.140.210 | 443 | Built inbound TCP connection 123678214 for outside:172.16.12.17/58122 (172.16.12.17/58122)(LOCAL\jpk789) to inside:10.5.140.210/443 (10.5.140.210/443) | |||||||
| 6 | Oct 30 2013 | 10:19:31 | 172.16.12.17 | 56197 | 10.5.141.155 | 53 | Built inbound UDP connection 123678212 for outside:172.16.12.17/56197 (172.16.12.17/56197)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53) | |||||||
| 6 | Oct 30 2013 | 10:19:31 | 172.16.12.17 | 58121 | 10.5.12.179 | 389 | Built inbound TCP connection 123678196 for outside:172.16.12.17/58121 (172.16.12.17/58121)(LOCAL\jpk789) to inside:10.5.12.179/389 (10.5.12.179/389) | |||||||
| 6 | Oct 30 2013 | 10:19:31 | 172.16.12.17 | 58120 | 10.5.12.199 | 80 | Built inbound TCP connection 123678195 for outside:172.16.12.17/58120 (172.16.12.17/58120)(LOCAL\jpk789) to inside:10.5.12.199/80 (10.5.12.199/80) | |||||||
| 6 | Oct 30 2013 | 10:19:31 | 172.16.12.17 | 51368 | 10.5.141.155 | 53 | Built inbound UDP connection 123678191 for outside:172.16.12.17/51368 (172.16.12.17/51368)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53) | |||||||
| 6 | Oct 30 2013 | 10:19:31 | 172.16.12.17 | 62458 | 10.5.12.182 | 389 | Built inbound UDP connection 123678190 for outside:172.16.12.17/62458 (172.16.12.17/62458)(LOCAL\jpk789) to inside:10.5.12.182/389 (10.5.12.182/389) | |||||||
| 6 | Oct 30 2013 | 10:19:31 | 172.16.12.17 | 62455 | 10.5.141.155 | 53 | Built inbound UDP connection 123678189 for outside:172.16.12.17/62455 (172.16.12.17/62455)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53) | |||||||
| 6 | Oct 30 2013 | 10:19:30 | IPSEC: An inbound remote access SA (SPI= 0x67ED9B28) between 80.21.182.245 and 75.12.34.56 (user= jpk789) has been created. | |||||||||||
| 6 | Oct 30 2013 | 10:19:30 | IPSEC: An outbound remote access SA (SPI= 0x9C00507E) between 80.21.182.245 and 75.12.34.56 (user= jpk789) has been created. | |||||||||||
| 6 | Oct 30 2013 | 10:19:30 | Group | |||||||||||
| 5 | Oct 30 2013 | 10:19:30 | Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 SA UP. Reason: New Connection Established | |||||||||||
| 4 | Oct 30 2013 | 10:19:30 | Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x7041 could not be processed. Error: Unknown/Unsupported Attribute | |||||||||||
| 4 | Oct 30 2013 | 10:19:30 | Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x7040 could not be processed. Error: Unknown/Unsupported Attribute | |||||||||||
| 4 | Oct 30 2013 | 10:19:30 | Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x703f could not be processed. Error: Unknown/Unsupported Attribute | |||||||||||
| 4 | Oct 30 2013 | 10:19:30 | Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x703e could not be processed. Error: Unknown/Unsupported Attribute | |||||||||||
| 4 | Oct 30 2013 | 10:19:30 | Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x703d could not be processed. Error: Unknown/Unsupported Attribute | |||||||||||
| 4 | Oct 30 2013 | 10:19:30 | Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x703c could not be processed. Error: Unknown/Unsupported Attribute | |||||||||||
| 4 | Oct 30 2013 | 10:19:30 | Local:80.21.182.245:4500 Remote:75.12.34.56:62457 Username:jpk789 Warning Configuration Payload request for attribute 0x703b could not be processed. Error: Unknown/Unsupported Attribute | |||||||||||
| 6 | Oct 30 2013 | 10:19:18 | 172.16.12.17 | 64287 | 10.5.12.182 | 445 | Teardown TCP connection 123673186 for outside:172.16.12.17/64287(LOCAL\jpk789) to inside:10.5.12.182/445 duration 0:02:01 bytes 14605 Tunnel has been torn down | |||||||
| 6 | Oct 30 2013 | 10:19:17 | 172.16.12.17 | 64278 | 10.5.141.144 | 445 | Teardown TCP connection 123672510 for outside:172.16.12.17/64278(LOCAL\jpk789) to inside:10.5.141.144/445 duration 0:02:15 bytes 9237 Tunnel has been torn down | |||||||
| 6 | Oct 30 2013 | 10:19:14 | 172.16.12.17 | 64273 | 10.5.140.231 | 445 | Teardown TCP connection 123672368 for outside:172.16.12.17/64273(LOCAL\jpk789) to inside:10.5.140.231/445 duration 0:02:16 bytes 7297 Tunnel has been torn down | |||||||
| 6 | Oct 30 2013 | 10:19:04 | 172.16.12.17 | 54449 | 10.5.141.155 | 389 | Teardown UDP connection 123672541 for outside:172.16.12.17/54449(LOCAL\jpk789) to inside:10.5.141.155/389 duration 0:02:01 bytes 366 | |||||||
| 6 | Oct 30 2013 | 10:19:04 | 172.16.12.17 | 137 | 10.5.141.155 | 137 | Teardown UDP connection 123672421 for outside:172.16.12.17/137(LOCAL\jpk789) to inside:10.5.141.155/137 duration 0:02:04 bytes 486 | |||||||
| 6 | Oct 30 2013 | 10:19:00 | 172.16.12.17 | 138 | 10.5.141.155 | 138 | Teardown UDP connection 123672424 for outside:172.16.12.17/138(LOCAL\jpk789) to inside:10.5.141.155/138 duration 0:02:01 bytes 177 | |||||||
| 6 | Oct 30 2013 | 10:18:58 | 172.16.12.17 | 63666 | 10.5.141.155 | 389 | Teardown UDP connection 123672316 for outside:172.16.12.17/63666(LOCAL\jpk789) to inside:10.5.141.155/389 duration 0:02:01 bytes 366 | |||||||
| 6 | Oct 30 2013 | 10:18:58 | 172.16.12.17 | 53105 | 10.5.141.155 | 389 | Teardown UDP connection 123672300 for outside:172.16.12.17/53105(LOCAL\jpk789) to inside:10.5.141.155/389 duration 0:02:01 bytes 366 | |||||||
| 6 | Oct 30 2013 | 10:18:47 | 172.16.12.17 | 61715 | 10.5.12.182 | 389 | Teardown UDP connection 123671945 for outside:172.16.12.17/61715(LOCAL\jpk789) to inside:10.5.12.182/389 duration 0:02:01 bytes 312 | |||||||
| 6 | Oct 30 2013 | 10:18:43 | 172.16.12.17 | 54262 | 10.5.12.179 | 389 | Teardown UDP connection 123671801 for outside:172.16.12.17/54262(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:01 bytes 355 | |||||||
| 6 | Oct 30 2013 | 10:18:42 | 172.16.12.17 | 57911 | 10.5.141.156 | 389 | Teardown UDP connection 123671777 for outside:172.16.12.17/57911(LOCAL\jpk789) to inside:10.5.141.156/389 duration 0:02:01 bytes 365 | |||||||
| 6 | Oct 30 2013 | 10:18:40 | 172.16.12.17 | 123 | 10.5.12.182 | 123 | Teardown UDP connection 123671670 for outside:172.16.12.17/123(LOCAL\jpk789) to inside:10.5.12.182/123 duration 0:02:01 bytes 136 | |||||||
| 6 | Oct 30 2013 | 10:18:40 | 172.16.12.17 | 58107 | 10.5.12.179 | 389 | Teardown UDP connection 123671639 for outside:172.16.12.17/58107(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:01 bytes 356 | |||||||
| 6 | Oct 30 2013 | 10:18:40 | 172.16.12.17 | 58825 | 10.5.12.179 | 389 | Teardown UDP connection 123671633 for outside:172.16.12.17/58825(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:02 bytes 355 | |||||||
| 6 | Oct 30 2013 | 10:18:39 | 172.16.12.17 | 60424 | 10.5.141.156 | 389 | Teardown UDP connection 123671611 for outside:172.16.12.17/60424(LOCAL\jpk789) to inside:10.5.141.156/389 duration 0:02:01 bytes 365 | |||||||
| 6 | Oct 30 2013 | 10:18:38 | 172.16.12.17 | 56635 | 10.5.141.156 | 389 | Teardown UDP connection 123671566 for outside:172.16.12.17/56635(LOCAL\jpk789) to inside:10.5.141.156/389 duration 0:02:01 bytes 365 | |||||||
| 6 | Oct 30 2013 | 10:18:38 | 172.16.12.17 | 61204 | 10.5.12.179 | 389 | Teardown UDP connection 123671558 for outside:172.16.12.17/61204(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:01 bytes 355 | |||||||
| 6 | Oct 30 2013 | 10:18:38 | 172.16.12.17 | 50615 | 10.5.12.179 | 389 | Teardown UDP connection 123671545 for outside:172.16.12.17/50615(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:01 bytes 355 | |||||||
| 6 | Oct 30 2013 | 10:18:38 | 172.16.12.17 | 57940 | 10.5.141.154 | 389 | Teardown UDP connection 123671537 for outside:172.16.12.17/57940(LOCAL\jpk789) to inside:10.5.141.154/389 duration 0:02:02 bytes 313 | |||||||
| 6 | Oct 30 2013 | 10:18:38 | 172.16.12.17 | 57939 | 10.5.141.156 | 389 | Teardown UDP connection 123671536 for outside:172.16.12.17/57939(LOCAL\jpk789) to inside:10.5.141.156/389 duration 0:02:02 bytes 366 | |||||||
| 6 | Oct 30 2013 | 10:18:38 | 172.16.12.17 | 64495 | 10.5.12.182 | 389 | Teardown UDP connection 123671532 for outside:172.16.12.17/64495(LOCAL\jpk789) to inside:10.5.12.182/389 duration 0:02:02 bytes 356 | |||||||
| 6 | Oct 30 2013 | 10:18:37 | 172.16.12.17 | 62965 | 10.5.12.182 | 389 | Teardown UDP connection 123671521 for outside:172.16.12.17/62965(LOCAL\jpk789) to inside:10.5.12.182/389 duration 0:02:01 bytes 356 | |||||||
| 6 | Oct 30 2013 | 10:18:37 | 172.16.12.17 | 54994 | 10.5.12.179 | 389 | Teardown UDP connection 123671514 for outside:172.16.12.17/54994(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:01 bytes 356 | |||||||
| 6 | Oct 30 2013 | 10:18:37 | 172.16.12.17 | 54993 | 10.5.12.179 | 389 | Teardown UDP connection 123671513 for outside:172.16.12.17/54993(LOCAL\jpk789) to inside:10.5.12.179/389 duration 0:02:01 bytes 356 | |||||||
| 6 | Oct 30 2013 | 10:18:37 | 172.16.12.17 | 63390 | 10.34.140.104 | 389 | Teardown UDP connection 123671483 for outside:172.16.12.17/63390(LOCAL\jpk789) to inside:10.34.140.104/389 duration 0:02:01 bytes 385 | |||||||
| 6 | Oct 30 2013 | 10:18:37 | 172.16.12.17 | 63389 | 10.33.140.104 | 389 | Teardown UDP connection 123671482 for outside:172.16.12.17/63389(LOCAL\jpk789) to inside:10.33.140.104/389 duration 0:02:01 bytes 384 | |||||||
| 6 | Oct 30 2013 | 10:18:10 | IPSEC: An inbound remote access SA (SPI= 0x5650EE30) between 75.12.34.56 and 80.21.182.245 (user= jpk789) has been deleted. | |||||||||||
| 6 | Oct 30 2013 | 10:18:10 | IPSEC: An outbound remote access SA (SPI= 0x42DBDD66) between 80.21.182.245 and 75.12.34.56 (user= jpk789) has been deleted. | |||||||||||
| 6 | Oct 30 2013 | 10:18:10 | Group | |||||||||||
| 5 | Oct 30 2013 | 10:18:10 | Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 SA DOWN. Reason: peer lost | |||||||||||
| 6 | Oct 30 2013 | 10:17:42 | 172.16.12.17 | 64250 | 10.5.141.186 | 445 | Teardown TCP connection 123671908 for outside:172.16.12.17/64250(LOCAL\jpk789) to inside:10.5.141.186/445 duration 0:00:57 bytes 454851 TCP Reset-I | |||||||
| 6 | Oct 30 2013 | 10:17:20 | 172.16.12.17 | 137 | 172.16.13.255 | 137 | Teardown UDP connection 123673268 for outside:172.16.12.17/137(LOCAL\jpk789) to outside:172.16.13.255/137 duration 0:00:00 bytes 0 | |||||||
| 6 | Oct 30 2013 | 10:17:19 | 172.16.12.17 | 137 | 172.16.13.255 | 137 | Teardown UDP connection 123673244 for outside:172.16.12.17/137(LOCAL\jpk789) to outside:172.16.13.255/137 duration 0:00:00 bytes 0 | |||||||
| 6 | Oct 30 2013 | 10:17:18 | 172.16.12.17 | 137 | 172.16.13.255 | 137 | Teardown UDP connection 123673218 for outside:172.16.12.17/137(LOCAL\jpk789) to outside:172.16.13.255/137 duration 0:00:00 bytes 0 | |||||||
| 6 | Oct 30 2013 | 10:16:36 | 172.16.12.17 | 63060 | 10.5.141.155 | 53 | Built inbound UDP connection 123671551 for outside:172.16.12.17/63060 (172.16.12.17/63060)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53) | |||||||
| 6 | Oct 30 2013 | 10:16:36 | 172.16.12.17 | 63010 | 10.5.12.182 | 88 | Built inbound TCP connection 123671549 for outside:172.16.12.17/63010 (172.16.12.17/63010)(LOCAL\jpk789) to inside:10.5.12.182/88 (10.5.12.182/88) | |||||||
| 6 | Oct 30 2013 | 10:16:36 | 172.16.12.17 | 63009 | 10.5.12.182 | 88 | Built inbound TCP connection 123671548 for outside:172.16.12.17/63009 (172.16.12.17/63009)(LOCAL\jpk789) to inside:10.5.12.182/88 (10.5.12.182/88) | |||||||
| 6 | Oct 30 2013 | 10:16:36 | 172.16.12.17 | 63008 | 10.5.141.156 | 389 | Built inbound TCP connection 123671546 for outside:172.16.12.17/63008 (172.16.12.17/63008)(LOCAL\jpk789) to inside:10.5.141.156/389 (10.5.141.156/389) | |||||||
| 6 | Oct 30 2013 | 10:16:36 | 172.16.12.17 | 50615 | 10.5.12.179 | 389 | Built inbound UDP connection 123671545 for outside:172.16.12.17/50615 (172.16.12.17/50615)(LOCAL\jpk789) to inside:10.5.12.179/389 (10.5.12.179/389) | |||||||
| 6 | Oct 30 2013 | 10:16:36 | 172.16.12.17 | 63007 | 10.5.12.182 | 88 | Built inbound TCP connection 123671544 for outside:172.16.12.17/63007 (172.16.12.17/63007)(LOCAL\jpk789) to inside:10.5.12.182/88 (10.5.12.182/88) | |||||||
| 6 | Oct 30 2013 | 10:16:36 | 172.16.12.17 | 55425 | 10.5.141.155 | 53 | Teardown UDP connection 123671487 for outside:172.16.12.17/55425(LOCAL\jpk789) to inside:10.5.141.155/53 duration 0:00:00 bytes 164 | |||||||
| 6 | Oct 30 2013 | 10:16:36 | 172.16.12.17 | 50614 | 10.5.141.155 | 53 | Built inbound UDP connection 123671543 for outside:172.16.12.17/50614 (172.16.12.17/50614)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53) | |||||||
| 6 | Oct 30 2013 | 10:16:35 | 172.16.12.17 | 56263 | 10.5.141.156 | 53 | Built inbound UDP connection 123671461 for outside:172.16.12.17/56263 (172.16.12.17/56263)(LOCAL\jpk789) to inside:10.5.141.156/53 (10.5.141.156/53) | |||||||
| 6 | Oct 30 2013 | 10:16:35 | 172.16.12.17 | 60708 | 10.5.141.155 | 53 | Built inbound UDP connection 123671460 for outside:172.16.12.17/60708 (172.16.12.17/60708)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53) | |||||||
| 6 | Oct 30 2013 | 10:16:35 | 172.16.12.17 | 56982 | 10.5.141.156 | 53 | Built inbound UDP connection 123671459 for outside:172.16.12.17/56982 (172.16.12.17/56982)(LOCAL\jpk789) to inside:10.5.141.156/53 (10.5.141.156/53) | |||||||
| 6 | Oct 30 2013 | 10:16:35 | 172.16.12.17 | 64548 | 10.5.141.155 | 53 | Built inbound UDP connection 123671458 for outside:172.16.12.17/64548 (172.16.12.17/64548)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53) | |||||||
| 6 | Oct 30 2013 | 10:16:35 | 172.16.12.17 | 60827 | 10.5.141.156 | 53 | Built inbound UDP connection 123671457 for outside:172.16.12.17/60827 (172.16.12.17/60827)(LOCAL\jpk789) to inside:10.5.141.156/53 (10.5.141.156/53) | |||||||
| 6 | Oct 30 2013 | 10:16:35 | 172.16.12.17 | 64207 | 10.5.141.155 | 53 | Built inbound UDP connection 123671453 for outside:172.16.12.17/64207 (172.16.12.17/64207)(LOCAL\jpk789) to inside:10.5.141.155/53 (10.5.141.155/53) | |||||||
| 6 | Oct 30 2013 | 10:16:35 | 172.16.12.17 | 137 | 172.16.13.255 | 137 | Teardown UDP connection 123671443 for outside:172.16.12.17/137(LOCAL\jpk789) to outside:172.16.13.255/137 duration 0:00:00 bytes 0 | |||||||
| 6 | Oct 30 2013 | 10:16:35 | 172.16.12.17 | 137 | 172.16.13.255 | 137 | Teardown UDP connection 123671442 for outside:172.16.12.17/137(LOCAL\jpk789) to outside:172.16.13.255/137 duration 0:00:00 bytes 0 | |||||||
| 6 | Oct 30 2013 | 10:16:35 | 172.16.12.17 | 137 | 172.16.13.255 | 137 | Teardown UDP connection 123671441 for outside:172.16.12.17/137(LOCAL\jpk789) to outside:172.16.13.255/137 duration 0:00:00 bytes 0 | |||||||
| 6 | Oct 30 2013 | 10:16:34 | IPSEC: An inbound remote access SA (SPI= 0x5650EE30) between 80.21.182.245 and 75.12.34.56 (user= jpk789) has been created. | |||||||||||
| 6 | Oct 30 2013 | 10:16:34 | IPSEC: An outbound remote access SA (SPI= 0x42DBDD66) between 80.21.182.245 and 75.12.34.56 (user= jpk789) has been created. | |||||||||||
| 5 | Oct 30 2013 | 10:16:34 | Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 SA UP. Reason: New Connection Established | |||||||||||
| 4 | Oct 30 2013 | 10:16:34 | Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x7041 could not be processed. Error: Unknown/Unsupported Attribute | |||||||||||
| 4 | Oct 30 2013 | 10:16:34 | Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x7040 could not be processed. Error: Unknown/Unsupported Attribute | |||||||||||
| 4 | Oct 30 2013 | 10:16:34 | Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x703f could not be processed. Error: Unknown/Unsupported Attribute | |||||||||||
| 4 | Oct 30 2013 | 10:16:34 | Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x703e could not be processed. Error: Unknown/Unsupported Attribute | |||||||||||
| 4 | Oct 30 2013 | 10:16:34 | Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x703d could not be processed. Error: Unknown/Unsupported Attribute | |||||||||||
| 4 | Oct 30 2013 | 10:16:34 | Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x703c could not be processed. Error: Unknown/Unsupported Attribute | |||||||||||
| 4 | Oct 30 2013 | 10:16:34 | Local:80.21.182.245:4500 Remote:75.12.34.56:57103 Username:jpk789 Warning Configuration Payload request for attribute 0x703b could not be processed. Error: Unknown/Unsupported Attribute | |||||||||||
| 6 | Oct 30 2013 | 10:16:34 | Group | |||||||||||
| 6 | Oct 30 2013 | 10:16:34 | DAP: User jpk789, Addr 75.12.34.56, Connection AnyConnect: The following DAP records were selected for this connection: ContosoPolicy | |||||||||||
| 6 | Oct 30 2013 | 10:16:34 | AAA transaction status ACCEPT : user = jpk789 | |||||||||||
| 6 | Oct 30 2013 | 10:16:34 | AAA retrieved default group policy (DfltGrpPolicy) for user = jpk789 | |||||||||||
| 6 | Oct 30 2013 | 10:16:34 | AAA retrieved user specific group policy (useGroup1s.Grp) for user = jpk789 | |||||||||||
| 6 | Oct 30 2013 | 10:16:34 | AAA group policy for user jpk789 is being set to useGroup1s.Grp; | |||||||||||
| 6 | Oct 30 2013 | 10:16:34 | AAA user authentication Successful : server = 192.168.7.4 : user = jpk789 | |||||||||||
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide