hi out there
We are using Cisco AnyConnect 4.7 (03052) with TND where I test for the Domain Name and connectivity to a trusted server here in the Cooperate LAN which normally works fine. But if the users are hibernating their labtops at home and bring them into the office we often see that the client connects even though they are connected to the LAN - a trusted network
here is a relevant part of the XML file:
<ClientInitialization>
<UseStartBeforeLogon UserControllable="false">false</UseStartBeforeLogon>
<AutomaticCertSelection UserControllable="false">true</AutomaticCertSelection>
<ShowPreConnectMessage>false</ShowPreConnectMessage>
<CertificateStore>User</CertificateStore>
<CertificateStoreMac>Login</CertificateStoreMac>
<CertificateStoreOverride>true</CertificateStoreOverride>
<ProxySettings>Native</ProxySettings>
<AllowLocalProxyConnections>true</AllowLocalProxyConnections>
<AuthenticationTimeout>12</AuthenticationTimeout>
<AutoConnectOnStart UserControllable="true">false</AutoConnectOnStart>
<MinimizeOnConnect UserControllable="false">true</MinimizeOnConnect>
<LocalLanAccess UserControllable="true">true</LocalLanAccess>
<DisableCaptivePortalDetection UserControllable="false">false</DisableCaptivePortalDetection>
<ClearSmartcardPin UserControllable="true">true</ClearSmartcardPin>
<IPProtocolSupport>IPv4</IPProtocolSupport>
<AutoReconnect UserControllable="true">true
<AutoReconnectBehavior UserControllable="true">ReconnectAfterResume</AutoReconnectBehavior>
</AutoReconnect>
<AutoUpdate UserControllable="false">true</AutoUpdate>
<RSASecurIDIntegration UserControllable="false">Automatic</RSASecurIDIntegration>
<WindowsLogonEnforcement>SingleLocalLogon</WindowsLogonEnforcement>
<WindowsVPNEstablishment>LocalUsersOnly</WindowsVPNEstablishment>
<AutomaticVPNPolicy>true
<TrustedDNSDomains>(removed)</TrustedDNSDomains>
<TrustedHttpsServerList>
<TrustedHttpsServer>
<Address>(removed)</Address>
<Port>443</Port>
<CertificateHash>(removed)</CertificateHash>
</TrustedHttpsServer>
</TrustedHttpsServerList>
<TrustedNetworkPolicy>Disconnect</TrustedNetworkPolicy>
<UntrustedNetworkPolicy>Connect</UntrustedNetworkPolicy>
<AlwaysOn>false
</AlwaysOn>
</AutomaticVPNPolicy>
Has some here got this working 110% ?
br thomas iwang