Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

Green

IP Communicator kills Anyconnect VPN Connection

Anyconnect version 2.5.0217

ASA 8.0.5

IP Communicator 2.1.4

Connecting with Anyconnect and can access myremote network ok. If I launch IP Communicator it fails to register and my remote access via Anyconnect stops working. I need to close IP Communicator and restart Anyconnect to get my connection back. IP Communicator works just fine with the ipsec client. Any ideas?

1 ACCEPTED SOLUTION

Accepted Solutions

Re: IP Communicator kills Anyconnect VPN Connection

Hi Adam, long time friend !!

Sounds like bug,  I did the search in database. this one resambles the behaviour..

Bug ID: CSCte42788

ASA anyconnect DTLS CONN is torn down when tftp error MSG is rvd- CIPC
Symptom:

ASA with anyconnect DTLS connection, when tftp
inspection is enabled, if a TFTP file transfer is attempted
from the anyconnect client and if the file is not
found (or results in any TFTP error message returned), it
will intermittently disconnect the DTLS session also.

This will cause a temporary stoppage of traffic flow
as anyconnect client re-establishes the connection.

This is commonly seen in Cisco IP communicator when it tries to use
TFTP and the file is not on the TFTP server (call manager).

Conditions:

1) TFTP from client and results in a TFTP error message
2) TFTP inspection is enabled

Workaround:

1)Disable TFTP inspection
2) Use TLS intead of DTLS

Best Regards

Jorge

2 REPLIES

Re: IP Communicator kills Anyconnect VPN Connection

Hi Adam, long time friend !!

Sounds like bug,  I did the search in database. this one resambles the behaviour..

Bug ID: CSCte42788

ASA anyconnect DTLS CONN is torn down when tftp error MSG is rvd- CIPC
Symptom:

ASA with anyconnect DTLS connection, when tftp
inspection is enabled, if a TFTP file transfer is attempted
from the anyconnect client and if the file is not
found (or results in any TFTP error message returned), it
will intermittently disconnect the DTLS session also.

This will cause a temporary stoppage of traffic flow
as anyconnect client re-establishes the connection.

This is commonly seen in Cisco IP communicator when it tries to use
TFTP and the file is not on the TFTP server (call manager).

Conditions:

1) TFTP from client and results in a TFTP error message
2) TFTP inspection is enabled

Workaround:

1)Disable TFTP inspection
2) Use TLS intead of DTLS

Best Regards

Jorge

Green

Re: IP Communicator kills Anyconnect VPN Connection

Thanks Jorge, haven't been around for a while, nice to see you guys haven't lost your touch!

Disabling tftp inspection on the ASA did the trick!

1116
Views
0
Helpful
2
Replies