Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
961
Views
0
Helpful
7
Replies

Cisco Anyconnect connection established but trouble with some internet provider.

Fast
Level 1
Level 1

‎08-04-2020 04:45 AM

I am having a unusual issue.

Although  Anyconnect is able to establish a connection the user can't access the internal shared folders or navigate to internal intranet (with no errors). This is happening with an internet provider but not for example using the mobile connection or the same internet provider located in a different place. The user is using windows 10 PRO connected by wireless (speed 100mb). I am really surprised as because once the connection is established the internet provider can't interfere with it.  

What will be the best approach to solve it out?

Thanks

Labels:
0 Helpful
7 Replies 7

Karsten Iwen
VIP
VIP

‎08-04-2020 06:31 AM

Have you checked that the user is not using the same home network as you have your company resources in?

0 Helpful

Fast
Level 1
Level 1
In response to Karsten Iwen

‎08-04-2020 06:43 AM

Do you mean network IP? The user home router is in a different LAN

0 Helpful

Mohammed al Baqari
Level 11
Level 11

‎08-04-2020 10:13 AM

It might be that provider is not happy with your mtu and isn't allowing
fragmentation. Try to reduce anyconnect mtu from default (e.g. try 1260)
and see if works. Then you can increase gradually.

*** please remember to rate useful posts
0 Helpful

Fast
Level 1
Level 1
In response to Mohammed al Baqari

‎08-07-2020 02:47 AM

 

The solution for this particular issue was disble ipv6 directly from the internet provider.

 

I was wondering, how did this thing solve the problem?

I am a bit confused.

Could someone explain me the reasons?

 

 

 

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Fast

‎08-07-2020 03:32 AM

I've seen occasional issues where the IPv6 DNS service from the ISP doesn't successfully resolve the target VPN's IPv4 address.

I never resolved whether it was the provider DNS infrastructure or the IPv4-v6 middle box somewhere in their network but - just like your case - disabling IPv6 altogether fixed it.

0 Helpful

Fast
Level 1
Level 1
In response to Marvin Rhoads

‎08-11-2020 07:10 AM

Hi  Marvin,

 

could you please help me to understand better about this issue as It is not entirely clear for me.

 

How could the IPV6  interfere with the VPN once the tunnel is created and the connection is established?

0 Helpful

Fast
Level 1
Level 1
In response to Fast

‎08-11-2020 08:58 AM

Today I had a similar issue....with another ISP.

VPN connection established but not access to the shared folders, intranet etc.....

I could ping the server only by IP (so DNS issue)

This time I have disabled IPV6 on the network and VPN property and it seems worked.

I am very curious to understand what is behind this issue.

Thanks

 

 

 

 

0 Helpful
Customers Also Viewed These Support Documents