Meraki

Community

AnyConnect popping up

lmorel
Getting noticed
‎Feb 28 2022 12:45 PM
‎Feb 28 2022 12:45 PM

AnyConnect popping up

I am testing AnyConnect and got the authentication part working well (SAML). But now I am wondering about the user experience and the AnyConnect client popping up anytime there is a change in connectivity with my wifi or ethernet connection. For example, I am in the office right now and anytime I stepped away from my desk long enough and I come back, the AnyConnect client is open with the "You may need to use a browser to gain access". Interestingly enough, my laptop is plugged in with power and set to not go to sleep. I suspect power saving changes made by Microsoft in the last few years are more aggressive and some devices go to "sleep". AnyConnect picks up on it and pops up. While this might be a small annoyance (just close it), I know my users are going to complain a lot. 

 

I thought I just needed to disable the Disable Captive Portal Detection option and I already did that. And this is what I have in my profile file:

<DisableCaptivePortalDetection UserControllable="false">true</DisableCaptivePortalDetection>

 

Other options I have currently configured in my profile file that might be relevant (or not):

 

<AutoConnectOnStart UserControllable="false">false</AutoConnectOnStart>

<MinimizeOnConnect UserControllable="true">true</MinimizeOnConnect>

<AutoReconnect UserControllable="false">false</AutoReconnect>

<SuspendOnConnectedStandby>false</SuspendOnConnectedStandby>

<AutoUpdate UserControllable="false">true</AutoUpdate>

 

<AutomaticVPNPolicy>true
<TrustedDNSDomains>my_domain_here</TrustedDNSDomains>
<TrustedNetworkPolicy>Disconnect</TrustedNetworkPolicy>
<UntrustedNetworkPolicy>DoNothing</UntrustedNetworkPolicy>
<AlwaysOn>false
</AlwaysOn>
</AutomaticVPNPolicy>

 

Labels:
0 Kudos
4 Replies 4
lmorel
Getting noticed
‎Mar 1 2022 11:05 AM
‎Mar 1 2022 11:05 AM

OK, so I noticed under the Options of the client, I am seeing that the "Disable Captive Portal Detection" option is unchecked (value is "true" in xml file, not false...) and present ( = but User Controllable is set to false in xml file).

I am not sure I understand why these values are not observed though. That would explain why I am having those pop-ups then....

 

lmorel_0-1646161155923.png

 

 

 

0 Kudos
In response to lmorel
lmorel
Getting noticed
‎Mar 1 2022 11:17 AM
‎Mar 1 2022 11:17 AM

So I double-checked that I didn't use the Profile Update on the MX for the AnyConnect client. It was disabled. So I decided to upload that profile.xml file with the settings I mentioned in the original post. And what do you know. It works now and the settings are properly showing the chosen options. I will monitor how the Disable Captive Portal Detection option behave.

lmorel_1-1646162106421.png

 

 

lmorel_2-1646162236758.png

 

 

0 Kudos
In response to lmorel
JordanCN
Getting noticed
‎Jan 30 2024 2:36 PM
‎Jan 30 2024 2:36 PM

I saw that updating my profile xml enabled the users to control the Captive Portal Detection, but as you noted, even though I set it to True and True, the setting did not check the box.  Each user had to go into the Anyconnect settngs and check the box.

 

I discovered that when they set the option to Disable CPD, the setting got applied to the preferences_global.xml file under the <ControllablePreferences> section.  This entry was written:

 

<DisableCaptivePortalDetection>true</DisableCaptivePortalDetection>

 

Preliminary testing looks good. I had a person with this issue happening repeatedly and it appears to have stopped.

0 Kudos
Samuel_Young
Comes here often
‎Oct 16 2023 3:58 PM
‎Oct 16 2023 3:58 PM

How did you all go with this issue?
I've a site reporting something similar, issues seem to "float" and not effect all users.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.