Re: Secure Client Automatically attempts to connect through VPN random

MatAlvarez · ‎12-04-2025

Greetings.

The Cisco Secure Client deployment in one of the work sites I operate with experiments behaviour that I've failed to diagnose the root cause of.

Sporadically, the client will try to join one of the pre-set VPNs on the Anyconnect Module for a few seconds. Whenever the client does this, the network interface currently in use by Secure Client will shutdown for a moment, approximately 1 to 3 pings.

This wouldn't be an issue where it not for another problem we have with this deployment where user endpoints sometimes fail to correctly authenticate Posture against ISE.

Hence a pattern emerges, where a user gets randomly disconnected then reconnected again, Posture runs again and user gets thrown into a Pending posture state from which they won't recover until various Posture re-scans or disconnecting and reconnecting the interface a few times.

Already have TAC on the ISE Posture problems, but it'd do me wonders if I can shut off this behaviour from Anyconnect. I suspect it's some High Availability-like feature that I'm just not locating where to shut off.

ichavdar · ‎12-09-2025

Hi,

These random connection attempts can be contributed by the following XML profile settings:

Always On
Auto Connect on Start
Auto Reconnect
Trusted Network Detection (rather unlikely but false positives with TND detection can rarely occur)

Additionally, if NAM module is in use it can also contribute to this behavior.

What I'd do is start by modifying the XML profile settings mentioned above and test if the behavior changes.

Secure Client Automatically attempts to connect through VPN randomly