Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3654
Views
0
Helpful
8
Replies

AnyConnect Secure Mobility Client Slow Login

j44mistry
Level 1
Level 1

‎10-25-2014 04:35 PM - edited ‎02-21-2020 07:54 PM

Hello,

I am planning to role out with this new AnyConnect client as the IPSEC client is now EOL.   I have seen a few threads about slowness with Anyconnect but this does not answer my question as to why the SSL client takes a long time just to come back with a login prompt when trying to connect to a site.   

The IPSEC client is so much faster.  I fear the users are going to complain when this does get rolled out.

I am using the Anyconnect client with Cisco 3925 routers IOS 15.4.2 on Windows 7 laptops and IPhone.  

 

Any ideas how I can resolve this ASAP ?

 

 

 

 

 

 

 

 

Labels:
0 Helpful
8 Replies 8

Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-26-2014 05:27 AM

I've never heard anyone complain about this issue. SSL VPN using AnyConnect is slightly slower that IPsec VPN using the legacy client as it does some checks for software and profile updates - features that aren't available on the old client.

I just measured an ASA system that supports both clients (using my watch, not precise) and see about 7 seconds (old IPsec client) vs. 15 seconds (AnyConnect SSL VPN). Both have the same tunneled network list and login banner configured.

0 Helpful

j44mistry
Level 1
Level 1
In response to Marvin Rhoads

‎10-27-2014 04:00 AM

I get 45 seconds to 1min delay with AnyConnect before I get login prompt but zero delay with IPSEC.

 

 

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to j44mistry

‎10-27-2014 08:01 AM

Something is misconfigured if you are having to wait 45+ seconds just for the login prompt.

0 Helpful

j44mistry
Level 1
Level 1
In response to Marvin Rhoads

‎10-27-2014 08:14 AM

 

Where is the misconfiguration ?

 

 

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to j44mistry

‎10-27-2014 06:07 PM

It's hard to say having seen none of your configuration. You experience is very atypical though and is not based on any inherent inability of the AnyConnect Secure Mobility client perform responsively.

Feel free to post your config here for review. If you have Smartnet support, you can contact the TAC for an in depth review and troubleshooting.

0 Helpful

j44mistry
Level 1
Level 1
In response to Marvin Rhoads

‎10-28-2014 04:16 AM

I have logged a case with TAC.

0 Helpful

Scott Larsen
Level 1
Level 1

‎11-19-2014 08:34 PM

I see a similar delay in the AnyConnect client displaying the login prompt.  Checking the logs on both the client and the ASA indicate that the client doesn't even attempt to talk to the ASA until the very end, so it is all "client-side" slowness.

 

My initial suspicion is in the network provider order, but I was wondering if you found anything out from the TAC.

0 Helpful

Karsten Svenningsen
Level 1
Level 1
In response to Scott Larsen

‎09-13-2017 02:40 PM

I see the same delay on 40 seconds after upgrading my Client frm 4.0 to 4.5.01044. Wireshark does not show traffic between Client ant ASA in the delay period. Any solution?

0 Helpful
Customers Also Viewed These Support Documents