cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
5914
Views
0
Helpful
3
Replies

Anyconnect randomly opens

Michael Lydon
Level 1
Level 1

Just implemented an ASA5515 with Anyconnect version 3.1.04066 for VPN use.  I'm noticing that when Anyconnect is installed on our laptops...when users are in the building, not VPN'd in, it randomly pops up in the lower right corner with the "Web Authentication Required/You may need to use a browser to gain access" message.  We don't have it set to autoconnect...so I don't understand why it pops up like that. 

I'm pretty much a WAN/VPN newbie but what I did notice is when the Anyconnect pops up, our web monitoring is showing that the client is trying to access the WAN IP of the ASA device which internally we can't do (verizon controls our router so I don't know why or if this is normal but it's never been an issue) so I'm assuming not getting a reply from the ASA is why it keeps popping up.   Is there a way to stop this polling from the Anyconnect client?  

3 Replies 3

Marcin Latosiewicz
Cisco Employee
Cisco Employee

Michael,

Do you have TND/Always On configured? Maybe NAM module?

There's a few different reasons it could be popping up. Normally it would NOT try to connect on it's own, but it WILL depend on settings.

A very efficent way of troubleshooting this would be to gether DART bundle from machine which just tried to connect.

You can go through the anyconnect.txt log (at least to start with) on your own or open a TAC case and have the VPN folk go over it and tell you what happened.

M.

Thanks for the reply.   TND and NAM are not configured.   I gathered the DART information and did come up with a 401 error accessing the external IP of our ASA.  So is seems like this captive portal detection is testing the connection.  

******************************************

Date        : 10/24/2013
Time        : 09:30:23
Type        : Information
Source      : acvpnagent

Description : Function: CNetEnvironment::TestNetEnv
File: .\NetEnvironment.cpp
Line: 370
Captive portal detected. Retesting connectivity to the secure gateway in 10 seconds.


******************************************

Date        : 10/24/2013
Time        : 09:30:34
Type        : Warning
Source      : acvpnagent

Description : Function: CNetEnvironment::logProbeFailure
File: .\NetEnvironment.cpp
Line: 1432
Invoked Function: CHttpProbeAsync::SendProbe
Return Code: -27066356 (0xFE63000C)
Description: HTTP_PROBE_ASYNC_ERROR_BAD_STATUS
HTTPS (host: 65.XXX.XX.XXX; status code: 401)


******************************************

Michael,

That's a tough one... unfortunately no toggle to disable captive portal detection at the moment:

http://tools.cisco.com/Support/BugToolKit/search/getBugDetails.do?method=fetchBugDetails&bugId=CSCud97386

M.