Cisco CWS Reporting the Current Scanning Proxy

simon.edwards
Level 1

Dear All,

I need a way of reporting the "Current Scanning Proxy". The reason I need this is that a number of users have reported the "Web Security Module" within Cisco AnyConnect is proxying out the wrong country. For example, UK users in Office A are proxied via France where Office B is not.

As we're a global company I just want to do a sense check on the rest of the environment.

Thanks

Simon

1 Accepted Solution


Thomas Busch
Cisco Employee

Hi Simon, 

I suspect that you are using AnyConnect's detect closest tower feature in order to allow AnyConnect WSM (Web Security Module) to send traffic to the tower that will provide the best performance based on factors such as network latency, and best path to name a few.

A common reason that this logic can happen would be due to the ISP link itself and the latency that is occurring in the path to one tower vs the other. If there is latency to the UK tower, but not to the France tower, AnyConnect will pick the France tower in order to provide the best service to you. 

You can check for this behavior specifically by running a traceroute to the towers in question and comparing the latency. Additionally, running a DART bundle in verbose mode will produce a detailed output of the stats AnyConnect used at that instance to pick the best tower. Additionally, you can uncheck the "Detect Closest tower" option and manually select the tower to use.

CWS reporting (Wire) does not currently have the ability to report on the Tower ID or country code that the traffic was processed through.

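The traceroute comparison suggested in the answer above, as an added example that is not part of the original thread or of Cisco's tooling: it parses saved traceroute output per tower and ranks the towers by the median round-trip time of the last hop that replied. The tower names, addresses and sample traces are constructed placeholders, and this is not AnyConnect's own selection logic.

```python
import re
from statistics import median

# Constructed sample output (Windows tracert layout). Hostnames and
# addresses are placeholders, not real CWS towers.
UK_TRACE = """\
Tracing route to tower-uk.example.invalid [203.0.113.10]
  1    <1 ms    <1 ms    <1 ms  192.0.2.1
  2     *        *        *     Request timed out.
  3    31 ms    35 ms    30 ms  198.51.100.7
  4    48 ms    52 ms    50 ms  203.0.113.10
"""
FR_TRACE = """\
Tracing route to tower-fr.example.invalid [203.0.113.20]
  1    <1 ms    <1 ms    <1 ms  192.0.2.1
  2    12 ms    11 ms    14 ms  198.51.100.9
  3    21 ms    19 ms    20 ms  203.0.113.20
"""

HOP_RE = re.compile(r"^\s*(\d+)\s+(.*)$")           # "<hop number> <rest>"
RTT_RE = re.compile(r"<?\s*(\d+(?:\.\d+)?)\s*ms")   # "12 ms", "<1 ms", "0.51 ms"

def parse_hops(text):
    """Return {hop: [rtt_ms, ...]}; a hop that only timed out maps to []."""
    hops = {}
    for line in text.splitlines():
        m = HOP_RE.match(line)
        if m:  # header lines do not start with a hop number and are skipped
            hops[int(m.group(1))] = [float(v) for v in RTT_RE.findall(m.group(2))]
    return hops

def final_rtt(text):
    """Median RTT of the last hop that replied, or None if no hop replied."""
    answered = [(n, rtts) for n, rtts in parse_hops(text).items() if rtts]
    if not answered:
        return None
    return median(max(answered, key=lambda h: h[0])[1])

def rank_towers(traces):
    """traces: {tower_label: traceroute_output}. Lowest latency first;
    towers with no usable reply sort last."""
    results = {name: final_rtt(out) for name, out in traces.items()}
    return sorted(results.items(), key=lambda kv: (kv[1] is None, kv[1] or 0.0))

if __name__ == "__main__":
    for tower, rtt in rank_towers({"UK": UK_TRACE, "FR": FR_TRACE}):
        print(f"{tower}: {'no reply' if rtt is None else f'{rtt:.1f} ms'}")
```

If the tower itself does not answer traceroute probes, the figure reflects the nearest responding hop, so compare the hop count as well as the latency.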

Thanks for coming back to me Thomas.