[AusNOG] Weird Cisco SSLVPN issues from what appears to be from Telstra 4G users

Beeson, Ayden abeeson at csu.edu.au
Fri Jun 28 10:58:31 EST 2019

We are a Telstra 4G / Anyconnect SSL VPN shop and I haven't heard of any complaints for this issue. Are you using Anyconnect, or just using the clientless VPN?

Are they 100% using the 4G connection and not accidentally on hotel / public Wi-Fi that might have a captive portal on it? I didn't think Anyconnect even had a portal detection feature, I've never seen one on any versions I have run.

There might be a portal check feature if it does have one that is failing to reach your ASA/VPN termination gear, even though the actual connection is fine. I'm not aware of specifics around a mechanism if one exists so that’s speculation at best, but maybe ICMP reachability etc?


On 26/6/19, 1:18 pm, "AusNOG on behalf of Drikus Brits" <ausnog-bounces at lists.ausnog.net on behalf of drikusinaus at gmail.com> wrote:

    Have anybody else picked up weird issues regarding SSLVPN connections.
    We've had a bunch of customers complaining about getting popups
    claiming that the user is behind a captive portal and needs to
    authenticate/resolve connectivity issues first before the SSLVPN
    software can connect.
    a bit spread thing trying to locate the exact reason, but seems it is
    very erratic with customers scattered.
    Brennan IT
    AusNOG mailing list
    AusNOG at lists.ausnog.net

More information about the AusNOG mailing list