03-30-2017 08:27 AM
I am looking at implementing Cisco AnyConnect for our mobile users. One question that I have is: will AnyConnect be active when the user is in the office and connected to the LAN? Or will AnyConnect always be on and force users to go out of the network then back in (thus creating extra hops)?
Is there something where AnyConnect will detect that the device is on a company LAN?
Thank You!
03-30-2017 08:46 AM
You can use the AnyConnect Trusted Network Detection feature to automatically disconnect when on an internal trusted network. The trusted network is detected based on DNS and domain name.
http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect44/administration/guide/b_AnyConnect_Administrator_Guide_4-4/configure-vpn.html#ID-1428-00000152
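An added example, not part of the original reply or Cisco's own tooling: a small audit of the Trusted Network Detection block in an AnyConnect client profile, checking that it is enabled, disconnects on trusted networks, and sets both DNS criteria. The element names follow the AnyConnect profile XML format as documented in the linked guide; the domain, addresses and the `audit_tnd` helper are constructed for illustration.

```python
import xml.etree.ElementTree as ET

# Constructed sample profile; domain and DNS server addresses are placeholders.
SAMPLE_PROFILE = """<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/">
  <ClientInitialization>
    <AutomaticVPNPolicy>true
      <TrustedDNSDomains>corp.example.com</TrustedDNSDomains>
      <TrustedDNSServers>10.0.0.10,10.0.0.11</TrustedDNSServers>
      <TrustedNetworkPolicy>Disconnect</TrustedNetworkPolicy>
      <UntrustedNetworkPolicy>Connect</UntrustedNetworkPolicy>
    </AutomaticVPNPolicy>
  </ClientInitialization>
</AnyConnectProfile>"""

def _local(tag):
    """Strip the XML namespace from a tag name."""
    return tag.rsplit("}", 1)[-1]

def _csv(value):
    """Split a comma-separated profile value into non-empty items."""
    return [v.strip() for v in value.split(",") if v.strip()]

def audit_tnd(profile_xml):
    """Return (settings, findings) for the TND section of a profile (hypothetical helper)."""
    root = ET.fromstring(profile_xml)
    policy = next((e for e in root.iter()
                   if _local(e.tag) == "AutomaticVPNPolicy"), None)
    # The enable flag is the element's own text, followed by child elements.
    if policy is None or (policy.text or "").strip().lower() != "true":
        return {}, ["TND disabled: AutomaticVPNPolicy is missing or not 'true'"]
    settings = {_local(c.tag): (c.text or "").strip() for c in policy}
    domains = _csv(settings.get("TrustedDNSDomains", ""))
    servers = _csv(settings.get("TrustedDNSServers", ""))
    findings = []
    if not domains and not servers:
        findings.append("no trusted DNS domains or servers configured")
    elif not (domains and servers):
        findings.append("only one DNS criterion set; trust rests on a single value")
    if settings.get("TrustedNetworkPolicy") != "Disconnect":
        findings.append("TrustedNetworkPolicy is not 'Disconnect'")
    if settings.get("UntrustedNetworkPolicy") != "Connect":
        findings.append("UntrustedNetworkPolicy is not 'Connect'")
    return settings, findings

if __name__ == "__main__":
    settings, findings = audit_tnd(SAMPLE_PROFILE)
    print(settings)
    print(findings or "TND block looks consistent")
```
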
04-06-2017 06:49 AM
Trusted Network Detection is a nice feature and certainly addresses the question in the original post. But it is not the only answer for that question about the behavior of AnyConnect. It is not necessary to configure AnyConnect to be always on. Most of the customers that I have worked with to implement AnyConnect do not configure it for always on. And in that case when a user is on the office LAN they do not start AnyConnect and that solves the issue.
HTH
Rick