Does anyone have a solution with AnyConnect that won't allow users to VPN when they are already inside the network? This already happens at the main site but remote sites can VPN in over the Site to Site VPN.
3 separate Offices (A+B+C)
Site to Site VPN between all offices (A+B+C)
All users connect to office A through AnyConnect
Users from Office B connect at home and then bring the computer into Office B.
AnyConnect reconnects to Office A circumventing the site-to-site VPN. - Want to Avoid
Similar issue, different setup. We have an MX in our data center handling the VPN connections. We're using Forcepoint firewalls at all sites. When I am at the office and moving off-network to on, the AnyConnect client does not disconnect from the VPN, and we can still see traffic flowing over the connection. We are also able to connect to the VPN while on the corp network. Is there possibly some hook for the Forcepoint firewall we're missing that keeps the AnyConnect client from recognizing the trusted network?