Trusted Network not detected with Anyconnect

Mogs · ‎08-23-2017

I have been testing the TND of anyconnect on your ASA 9.4 with permium peers using Windows 10 Clients and Anyconnect 3.1/4.5.

I am simply createting an Anyconnect profile, enabling Automatic VPN Policy.

Trusted Network :Disconnect

Untrusted:Connect

Trusted DNS Domains: *ourdomain.local

(I have also tried adding Trused DNS Servers)

And that is basically it.

I can connect to the Anyconnect tunnel, i see that my xml file is updated. Anyconnect is reporting that "trusted Network Detection" is enabled.

When my local lan is connected directly to the 'outdomain.local' network, Anyconnect is not detecting it and is routing all traffic over the vpn without disconnecting.

     3:29:21 PM    Establishing VPN - Initiating connection...
     3:29:21 PM    Establishing VPN - Examining system...
     3:29:21 PM    Establishing VPN - Activating VPN adapter...
     3:29:24 PM    Establishing VPN - Configuring system...
     3:29:24 PM    Establishing VPN...

Connected...

I am just trying to figure out why it would not detect the trusted network I am on.

I have tried this with multiple domain names and entering all our DNS server but nothing ever works.

Any help appreciated! Thank you!

jerico99 · ‎05-24-2018

I was struggling with this same issue. I found that if the client xml is configured to auto-connect on start, it will always establish a connection on start regardless of whether it is on a trusted network or not. Un-checking that box resolved the issue for me.