Internet problems after disconnecting VPN session

Answered Question
Sep 17th, 2010

I was wondering if someone could point me to a solution for this problem I have.  A year or more ago,

when I had Vista (32 bit), I used to use the Cisco IPSEC VPN client.  Back then I found that when I disconnect from a VPN session, that something on my machine would get hosed up.  That is, I could no longer RDP to my machine from another machine (which I would do so over the internet).  I also found that I could not access other services on my machine from other machines as well across the internet.


Basically I found that if I disabled/re-enabled my NIC (done so manually or by rebooting), I could once again connect to my machine.


Now I have Windows 7 (64 bit).  As such I now also use the Cisco SSL VPN client.  I had hopes that this issue would go away with the new OS and new VPN client, however the issue persists!  Fortunately, Windows 7 Task Manager can fire based on events that occur.  I've created a Task that will disable/re-enable my NIC everytime it sees the SSL disconnection event in the event log.  While this is a great workaround for me, I'd like to get to the bottom of the issue.  I've even helped others in my office with the same issue by providing my elegant solution!


Side note:  My friend just asked me why he could not TRACERT to anything.  He was talking to me via our Corporate IM client while VPN'd into our network.  I asked if he was on the VPN while trying, and he said he first disconnected thinking that was the case.  I suggested to him that he may be hitting the same issue I have, in that the VPN is somehow corrupting his TCP stack or something.  I asked him to disconnect from VPN again, disable/enable his NIC, and lo-and-behold he could once again tracert.


Is this issue documented anywhere?  Are there any fixes?


TIA,

MCDONAMW

Correct Answer by Todd Pula about 6 years 5 months ago

What version of AnyConnect are you testing with?  This could be related to bug CSCsz12568 which was resolved in the later 2.4 client.  What you may want to do is capture a snapshot of the Windows routing table prior to connecting, once connected, and then again after disconnecting to see if there are any strange routes that may be misdirecting traffic.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Correct Answer
Todd Pula Fri, 09/17/2010 - 09:18

What version of AnyConnect are you testing with?  This could be related to bug CSCsz12568 which was resolved in the later 2.4 client.  What you may want to do is capture a snapshot of the Windows routing table prior to connecting, once connected, and then again after disconnecting to see if there are any strange routes that may be misdirecting traffic.

matthew.mcdonald Fri, 09/17/2010 - 10:20

Ah, I wonder if that may be it.  I just checked today and I had v2.3.  I just

got a copy of v2.5.1025 so I'll try that when I can.  I'll post my findings!


Edit:  Would you by chance have the details for bug CSCsz12568?  That information does not seem to be available to me as I don't have a Cisco contract.


Thanks!

Todd Pula Fri, 09/17/2010 - 11:03
Unable to access Windows Vista after disconnecting AnyConnect

Symptom:
After disconnecting AnyConnect on a Windows  Vista Ultimate x64 machine, RDP and possibly other access to the machine  does not work.

Conditions:
Windows Vista Ultimate 64-bit, after disconnecting AnyConnect.

Workaround:
Disable and re-enable the adapter or reboot the machine
matthew.mcdonald Fri, 09/17/2010 - 11:05

Wow, I couldn't have said it better myself.  That's my issue *exactly*!!!  Here's to hoping the new client works!  Will update Monday.

matthew.mcdonald Mon, 09/20/2010 - 05:37

Well, it appears the new client has resolved the issue!  Thanks for the info.


-mcdonamw

swarner01 Tue, 06/18/2013 - 10:49

I am using Cisco VPN client 5.0.07.0290, Win 7 32bit, and I am having the same issue, one out of 3 times I disconnect the VPN session (to access a local network printer) the Network is locked out completely, no access to the web or any other resource on my local network.  I followed the workaround to disable/enable the NIC card connection and it worked, however it was very slow as windows was trying to disable it, but it worked.  Its a whole lot faster to re-boot, but that means I have to quit all my programs and start working from scratch.  What is wrong with this stupid VPN client???  I didn't have this problem before and have used Cisco VPN for years.  I just got a new computer from work and downloaded the latest client.  My IT department has switched to Web Client Citrix VPN but I don't like it and it is also problematic, so I stuck with Cisco, but now I'm questioning my decision.  Is there a fix for this with the client I'm using???

Actions

This Discussion