Solved: AnyConnect + timeout during Auto Reconnect

Patrick Tran · ‎07-22-2011

Hello,

I configured AnyConnect with Trust Network Detection and Auto Reconnect.

I have an issue with this use case:

Users connect to AnyConnect with certificate
When 3G network becomes unavailable, AnyConnect is trying to Auto-Reconnect
After 30 minutes without network connectivity, users have this alert "Your connection to the secure gateway has been suspended longer than the allotted time limit. A new connection is necessary, which requires re-authentication"
If 3G network becomes available, TND detects that network is untrusted and connects automatically.

The message in step 3 is useless and users think they need to connect manually. How could I remove this alert?

I tried to put "idle timeout" to unlimited in Group Policy but it changes nothing.

Thanks for your support,

Patrick

Peter Davis · ‎07-22-2011

Idle timeout is the correct setting. One of two things could have gone wrong. You do not want unlmited as without a max connect time, this means ghosted sessions would not be cleaned up. I suggest a setting of 12-24hrs. If this still doesn't work, you likely applied this to the wrong group.

View solution in original post

Peter Davis · ‎07-22-2011

Idle timeout is the correct setting. One of two things could have gone wrong. You do not want unlmited as without a max connect time, this means ghosted sessions would not be cleaned up. I suggest a setting of 12-24hrs. If this still doesn't work, you likely applied this to the wrong group.

Patrick Tran · ‎07-22-2011

Hi Peter,

Thanks for your help.

I tested with 120 minutes in "idle timeout".

After 45 minutes, I have no alert. It seems to work. I think unlimited option is not correctly supported

The best solution would be no alert for this timeout when TND is configured.

This solution will fix my problem for the moment.

Thanks again !

Patrick