We have an ASA 5510 that handles our vpn client traffic, and occasionally, we run into a client that, while using Cisco AnyConnect in conjunction with Phonefactor, the connection attempt will timeout before the connection actually establishes.
The odd thing is - The logs show the client finished connecting, and the Phonefactor server shows completed authentication. We even added a custom timeout script to increase the default 12 second timeout to 30 seconds.
This behavior has proven difficult to find a common factor for, as it has affected different versions of the client, 2.3 and 2.5, as well as Windows XP, Vista and 7 installs.
This problem does not affect our Anyconnect/RSA clients, and if the same person on the same client with the issue is migrated over to the Cisco IPSec vpn, the problem disappears.
Has anyone encountered this issue before?