11-12-2016 04:56 PM - edited 02-21-2020 09:03 PM
This happened to a remote employee of one of my client's, all of a sudden the AnyConnect client starting giving this (bogus) error (it's bogus because this happened at their home, where they have connected fine for many months):
The service provider in your current location is restricting access to the Internet. You need to log on with the service provider before you can establish a VPN session. You can try this by visiting any website with your browser.
Ultimately the only way I was able to get rid of this, was completely uninstall the AnyConnect software, make sure all traces were deleted, and reinstall.
Well, it just happened to me at my home (where I've also never had a problem). Same error message, I was connected and all of sudden disconnected and this error....I'm assuming at this point there is something wrong with their ASA device (5505) config.
The documentation I've found only talks about why this happens when it is "supposed to happen", as opposed to these bogus "false positives" which I haven't found a solution for. Any ever have these issues and managed to figure out what is going on? I really don't want to have to keep making housecalls to remote folks and I anticipate this will continue to happen until I figure out why it is happening.
Solved! Go to Solution.
11-12-2016 09:26 PM
Hi Pete Johnstone,
I have seen this many times, you can take a look to the following documentation:
AnyConnect can falsely assume it is in a captive portal in these situations.
This section describes how the AnyConnect behaves.
Also you have the option of removing the captive portal detection on AnyConnect versions 4.2.00096 and later:
It is possible to disable the captive portal feature in AnyConnect client version 4.2.00096 and later (see Cisco bug ID CSCud97386). The administrator can determine if the option should be user configurable or disabled. This option is available under the Preferences (Part 1) section in the profile editor. The administrator can choose Disable Captive Portal Detection or User Controllable as shown in this profile editor snapshot:
If User controllable is checked, the checkbox appears on the Preferences tab of the AnyConnect Secure Mobility Client UI as shown here:
http://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/118086-technote-anyconnect-00.html#anc5
Hope this info helps!!
Rate if helps you!!
-JP-
11-12-2016 09:26 PM
Hi Pete Johnstone,
I have seen this many times, you can take a look to the following documentation:
AnyConnect can falsely assume it is in a captive portal in these situations.
This section describes how the AnyConnect behaves.
Also you have the option of removing the captive portal detection on AnyConnect versions 4.2.00096 and later:
It is possible to disable the captive portal feature in AnyConnect client version 4.2.00096 and later (see Cisco bug ID CSCud97386). The administrator can determine if the option should be user configurable or disabled. This option is available under the Preferences (Part 1) section in the profile editor. The administrator can choose Disable Captive Portal Detection or User Controllable as shown in this profile editor snapshot:
If User controllable is checked, the checkbox appears on the Preferences tab of the AnyConnect Secure Mobility Client UI as shown here:
http://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/118086-technote-anyconnect-00.html#anc5
Hope this info helps!!
Rate if helps you!!
-JP-
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide