AnyConnect with websense endpoint

stephen jeffrey · ‎04-17-2013

Hi, We have about 160 users setup using the Anyconnect client connecting to a ASA 5510. We are using split tunneling and also using the Websense endpoint client. Every now and again after installing the endpoint client we are unable to connect the AnyConnect. It asks for credentials waits for a while and then fails with the error "AnyConnect was not able to establish a connection to the specified secure gateway.Please try again later."

If we uninstall the endpoint client it works again and normally after reinstall it fails again ( I know). Eventually it just works and then its fine.

We have logged a call with websense and sent packet traces of working and none working . Then only thing they came back with is if we filtered the non working trace with port 80 you could see a few RST,ACK coming from the ASA to the client so they blamed the Cisco components.

Any ideas greatly received.

stephen jeffrey · ‎04-25-2013

Hi does anyone have any thoughts on this. Why does the anyconnect try port 80? is there any other fault finding I can do? Have I posted this in the wrong discussion?

8451NetAdmin · ‎08-13-2019

Hello - we ran into the same issue and resolved it by having the VPN address bypassed by Websense. I'm sorry I don't have the technical information as it was handled by our Security team, but I believe they set up the VPN address (vpn@company.com, for example) as an unfiltered destination in Websense Defense Center.