Lag between 'connect' and username/password prompt with AnyConnect after domain migration

eschroed1 · ‎09-21-2020

We have a really weird issue that we're seeing after migrating a handful of remote users from one domain to the other. When the migration happens they're connected to VPN through AnyConnect and their profile is migrated to a new profile so they can log in on the new domain.

Once they log in to the new profile and open Cisco AnyConnect there is a 75 second lag between when they hit 'connect' and the password/username prompt comes up. This ONLY happens if the person had a profile on the machine prior to the migration. We tested with another user who had not logged into a remote laptop until AFTER the domain migration and that connection works fine with no lag.

We have tried uninstalling and reinstalling. No change. We've tried uninstalling and pulling every Cisco file we could find and that doesn't fix it either. We were able to fix it for one user by running file>>add remove snap in >> add certificate >>computer account in mmc, but that only worked on one user and then the problem came back upon reboot for them so we're at a loss here. I'd think it was a network timeout somewhere except it works for that user who didn't have a profile beforehand, which makes me think it's something happening with the copy of the profile. But we're beating our head against the wall at this point.

Mohammed al Baqari · ‎09-21-2020

>From anyconnect client try to paste message logs. From what you said, it
seems that the client is attempting and ASA and then failing over after the
first one.

Let's see what the messages are saying. If you have one ASA only, debug
webvpn anyconnect 127 on that ASA.

***** please remember to rate useful posts