12-20-2018 03:43 PM - edited 12-20-2018 03:43 PM
Hello (and almost Merry Christmas!),
Does anyone know exactly how AnyConnect decides if it's on a trusted network? I had a strange fault recently on a customer site where the VPN kept coming up even when the user was on-net. The DART bundle logged the following message:-
Untrusted Network detected: Policy is to Connect
(The interface <x.x.x.x> is untrusted, because DNS Domain is not among the configured TND DNS Domain *.my_company.com)
Now my first thought was that AnyConnect examines the DNS domain pushed down via DHCP (or statically configured) as reported in an ipconfig /all against the active network adapter for the "Connection-specific DNS Suffix". I came to this conclusion because it was blank for the affected users. However, users at other sites also had a blank entry here but AnyConnect knew it was on the trusted network so did not bring up the VPN.
So my question is: how does AnyConnect decide if it's connected to a trusted network or not? Is there some funky AD shizzle that goes on in the background that AnyConnect can somehow tap into and query? Or a registry entry? Or.....?
Any help/advice here is very much appreciated!
By the way, the underlying problem turned out to be that something went wrong with that site's primary router. It failed over to a 4G backup router that didn't have access to the DCs so that makes sense as the client couldn't talk to the domain. But I still want to know exactly how AnyConnect knows?
Many thanks,
Matt.
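Editor's note: as an added illustration (not AnyConnect's own logic and not code from anyone in this thread), the block below models the check the DART message above describes: each connected adapter's "Connection-specific DNS Suffix" from `ipconfig /all` is matched against the profile's TND DNS Domain pattern, and a blank suffix, as on the failed-over site, fails the match. Everything beyond the quoted log line is an assumption of the example: the pattern is treated as a shell-style glob, the profile's TrustedDNSServers list (a real AnyConnect profile element, though not discussed here) must also match when configured, the network counts as trusted if any connected adapter passes, the server addresses are made up, and both `ipconfig /all` excerpts are constructed rather than captured from the customer site.

```python
import fnmatch
import re
from dataclasses import dataclass, field

# Added model of the TND check, not AnyConnect's code. Server addresses are assumed.
TRUSTED_DNS_DOMAINS = ["*.my_company.com"]         # pattern quoted in the DART log
TRUSTED_DNS_SERVERS = ["10.0.0.53", "10.0.0.54"]   # assumed DC addresses for the example

@dataclass
class Adapter:
    name: str
    dns_suffix: str = ""
    dns_servers: list = field(default_factory=list)
    connected: bool = True

# Adapter headers start in column 0; field lines use a short indent and dotted padding
# before the colon; extra DNS servers sit on deeply indented continuation lines.
_HEADER = re.compile(r"^(\S.*):$")
_FIELD = re.compile(r"^ {1,8}([A-Za-z][A-Za-z0-9 ()\-]*?)[ .]*: ?(.*)$")

def parse_ipconfig(text):
    """Extract DNS suffix, DNS servers and media state per adapter from `ipconfig /all`."""
    adapters, cur, last_key = [], None, None
    for line in text.splitlines():
        if not line.strip():
            continue
        header = _HEADER.match(line)
        if header:
            cur = Adapter(name=header.group(1))
            adapters.append(cur)
            last_key = None
            continue
        if cur is None:                       # host-wide "Windows IP Configuration" block
            continue
        m = _FIELD.match(line)
        if m:
            key, val = m.group(1).strip(), m.group(2).strip()
            last_key = key
            if key == "Connection-specific DNS Suffix":
                cur.dns_suffix = val
            elif key == "DNS Servers":
                cur.dns_servers.append(val)
            elif key == "Media State" and "disconnected" in val.lower():
                cur.connected = False
        elif last_key == "DNS Servers":       # second/third server on its own line
            cur.dns_servers.append(line.strip())
    return adapters

def adapter_trust(adapter, domains=TRUSTED_DNS_DOMAINS, servers=TRUSTED_DNS_SERVERS):
    """Return (trusted, reason) for one adapter, worded like the DART log line."""
    pats = " ".join(domains)
    if not adapter.connected:
        return False, f"{adapter.name}: media disconnected, not evaluated"
    suffix = adapter.dns_suffix.strip().lower()
    if not suffix:
        # The blank Connection-specific DNS Suffix seen after the 4G failover:
        # there is nothing to match, so this rule alone marks the adapter untrusted.
        return False, f"{adapter.name}: no DNS Domain, cannot match TND DNS Domain {pats}"
    if not any(fnmatch.fnmatchcase(suffix, d.lower()) for d in domains):
        return False, f"{adapter.name}: DNS Domain {suffix} is not among the configured TND DNS Domain {pats}"
    if servers and not any(s in servers for s in adapter.dns_servers):
        return False, f"{adapter.name}: none of {adapter.dns_servers} is a trusted DNS server"
    return True, f"{adapter.name}: DNS Domain {suffix} matches TND DNS Domain {pats}"

def tnd_decision(ipconfig_text, trusted_policy="Disconnect", untrusted_policy="Connect"):
    """Classify the network and return (state, action, per-adapter reasons)."""
    reasons, trusted = [], False
    for adapter in parse_ipconfig(ipconfig_text):
        ok, why = adapter_trust(adapter)
        reasons.append(why)
        trusted = trusted or ok
    if trusted:
        return "Trusted", trusted_policy, reasons
    return "Untrusted", untrusted_policy, reasons

# Constructed `ipconfig /all` excerpts, not captured from the customer site.
IPCONFIG_ON_NET = """\
Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . : site1.my_company.com
   IPv4 Address. . . . . . . . . . . : 10.1.2.3(Preferred)
   DNS Servers . . . . . . . . . . . : 10.0.0.53
                                       10.0.0.54

Wireless LAN adapter Wi-Fi:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . :
"""

IPCONFIG_4G_FAILOVER = """\
Ethernet adapter Ethernet:

   Connection-specific DNS Suffix  . :
   IPv4 Address. . . . . . . . . . . : 192.168.8.20(Preferred)
   DNS Servers . . . . . . . . . . . : 192.168.8.1
"""
```

To try it against a real box, save `ipconfig /all` to a file and pass its contents to `tnd_decision()`; the reasons list shows which rule each adapter failed. The model is deliberately per-adapter, which is precisely the gap the question raises: a check that looks only at the connection-specific suffix cannot explain the other sites where that field was blank yet the network counted as trusted. The profile also carries a TrustedDNSServers list, which is why the model checks servers as well; how the real client combines the two is not settled by anything in this thread.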
12-21-2018 03:56 AM
12-21-2018 04:02 AM
Hello RJI,
Thank you for your response. I am aware that the function is available. In fact I'm using it right now. However, I need to know EXACTLY how AnyConnect detects if it's on trusted network at a low level.
Cheers,
Matt.
12-21-2018 08:07 AM