pretty sure this isn't a unique case but I can't seem to find a viable solution.  

TL;DR - we replaced our old vpn solution with a Meraki mx67 and our linux users cannot use anyconnect due to constant reconnects

now the long version - 

Some of our end users are unable to use the Cisco AnyConnect client for linux due to it constantly reconnecting.  this is most likely due to them using docker containers on their workstations and the constant starting and stopping of these containers are triggering the reconnects.  unfortunately I can't just tell them 'don't use docker'.  With our old vpn solution we used the OpenConnect client and it worked fine.  However, we can not use the openconnect client due to constantly receiving a HTTP 401 when trying to connect.  

after testing out various variation of trying to connect with openconnect it has all resulted in a HTTP/401 error.  If you're wondering why am I using openconnect when anyconnect 'works'?  because a basic search yields 'best workaround is to use openconnect'.  plus our users like it and it's simple with almost zero change in their connect work flow.  

so here are the question(s) :

* if you've ran into this issue with openconnect, can you share what you have done to get past this issue?  

* if you have found a way to get past this constant reconnecting when a network interface state changes would you mind sharing what you've done.  

Currently on the mx67 we are using radius as the auth method and that radius (free radius) is using ldap to validate credentials.  I can share whatever is needed (and whatever I can) to get past this problem.  

TIA

Sinh