[AusNOG] Weird Cisco SSLVPN issues from what appears to be from Telstra 4G users
Beeson, Ayden
abeeson at csu.edu.au
Fri Jun 28 10:58:31 EST 2019
We are a Telstra 4G / Anyconnect SSL VPN shop and I haven't heard of any complaints for this issue. Are you using Anyconnect, or just using the clientless VPN?
Are they 100% using the 4G connection and not accidentally on hotel / public Wi-Fi that might have a captive portal on it? I didn't think Anyconnect even had a portal detection feature, I've never seen one on any versions I have run.
There might be a portal check feature if it does have one that is failing to reach your ASA/VPN termination gear, even though the actual connection is fine. I'm not aware of specifics around a mechanism if one exists so that’s speculation at best, but maybe ICMP reachability etc?
Cheers,
Ayden
On 26/6/19, 1:18 pm, "AusNOG on behalf of Drikus Brits" <ausnog-bounces at lists.ausnog.net on behalf of drikusinaus at gmail.com> wrote:
Howdy,
Have anybody else picked up weird issues regarding SSLVPN connections.
We've had a bunch of customers complaining about getting popups
claiming that the user is behind a captive portal and needs to
authenticate/resolve connectivity issues first before the SSLVPN
software can connect.
a bit spread thing trying to locate the exact reason, but seems it is
very erratic with customers scattered.
cheers,
Drikus
Brennan IT
_______________________________________________
AusNOG mailing list
AusNOG at lists.ausnog.net
http://lists.ausnog.net/mailman/listinfo/ausnog
More information about the AusNOG
mailing list