Could someone advise/share knowledge on the below, please?
Once the device's sleep/hibernate/dock/undock status changes, the network status in AnyConnect is not good (not trusted in a trusted network). The customer's OS client is Windows 7 Pro 64-bit. This problem blocks the user. To unblock it, the user must, for example, unplug/plug the RJ45 cable. Is it a problem with Windows 7 or with the version of AnyConnect (3.1.02040), or are there specific settings? - To block network access, it's needed to have an unsuccessful VPN connection. Is there a remediation to block network access in non-trusted networks (after captive portal remediation) without an unsuccessful VPN connection (to block our laptops) and without a prompt or interactive popup or window for the user?
If the VPN connection is idle for a certain time, then the VPN connection will definitely get disconnected and you have to reconnect when this happens. This is purely for security reasons.
If you want to have a strongly secured VPN, then go with strong authentication methods like RADIUS / RSA token, etc. to protect from unauthorized access. Also set up the AnyConnect VPN in tunnel-all mode instead of split tunnel, so all access should go via your network once they connect with AnyConnect. Another method is to set up a virtual machine or system, from where your connects to VPN and can access only that server. From that server they can access all required applications. You can deny the copy/paste right from that virtual server.
I understand the AC will get disconnected after the idle time expires, but once it wakes up the connection should not be recognised as untrusted. So in other words, this would be purely down to Windows placing the connection as untrusted.