Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member


Hi all,

could someone advice/share knowledge on the below please?


once the device sleep/hibernate/dock/undock status changes, network status in AnyConnect is not good (not trusted in trusted network). Customer OS client is Windows 7 pro 64bits. This problem blocks user. To unblock it, the user must unplug/plug the RJ45 cable to solve it for example. Is it a problem with Windows 7 or with the version of AnyConnect (3.1.02040) or are there specific settings?
- To block network access, it's needed to have an unsuccessful VPN connection. Is there a remediation to block network access in non-trusted networks (after captive portal remediation) without unsuccessful VPN connection (to block our laptops) without a prompt or interactive popup or window for user?


thanks in advance



Hi Lance, If the VPN

Hi Lance,


If the VPN connection is being idle for certain time..... then definitely vpn connection will be getting disconnected and you have to reconnect, when this happens.... this is purely for security reasons.....


If you want to have strong secured VPN, then go with the strong authentication methods like radius / rsa token ... etc to protect from the un-authorized access.... also make the anyconnect vpn with tunnel all mode instead of split tunnel.... so all access should go via your network once they connect with anyconnect.... and another method is to set a virtual machine or system, from where your connects to VPN and can access only that server... from that server they can access all required applications... you can deny the copy/paste right from that virtual server.....




New Member

Hi Karthik,thank you for the

Hi Karthik,

thank you for the quick response.

I understand the AC will get disconnect after idle time expires, but, once wake up the connection should not be recognise as untrusted. so in other words this would be purely down to windows placing the connection as untrusted.