Hello,
I have a question for everyone. I have configured trusted network detection in a non-production environment, and basically it is working as advertised. I have found, though, that when I move from an 'untrusted' network to a 'trusted' network, the ASA never releases the AnyConnect assigned IP address back to the local pool. I no longer see the AnyConnect address on the client, but I still see a session on the ASA (verified with 'show vpn-sessiondb detail anyconnect') with no data passing through the tunnel. The output from the command 'show ip local pool XXXXXX' still shows the assigned address in use, when actually it isn't. Has anyone else seen this before? Is this how trusted network detection works? Are there 'timers' or anything configurable that will allow this address to be returned back to the pool?
Thanks.
Jon