12-14-2017 08:26 PM - edited 03-12-2019 04:50 AM
I'm suffering from a bizarre problem with Anyconnect V3.1 and my ASA5520. Every few days people will not be able to connect. The client is setup to connect to vpn.companyname.com. The users will attempt to connect (I can see packets being exchanged between the internet interface of the ASA and the client) but the client will timeout and give the error message "...network or PC issue". The client is able to resolve the DNS name (vpn.companyname.com) to the correct IP address of the gateway, and is able to ping that address.
If I change the gateway from vpn.company.com to the IP address that DNS entry points towards, it connects straight away.
This issue will occur for a few hours and then resolve itself without any configuration changes being made to the ASA, client or DNS server. Any ideas on where I should be looking? Or what can cause this behaviour?
12-14-2017 09:10 PM
Hi,
How many dns servers do you have for external resolution? Is reverse lookup working for vpn.companyname.com? any firewalls involved between dns and external user?
thanks
John
12-17-2017 02:31 PM
I'll have to double check with the person who looks after DNS about the number of servers involved. Reverse route isn't configured and there are no firewalls between the dns and external user.
12-15-2017 10:51 AM
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide