Meraki

TS42 · ‎Oct 6 2021

I've configured the anyconnect "Always On" feature in the profile editor.

I've allowed disconnect.

I've allowed the fail to to "open".

But as soon as I click the disconnect button i lose all network activity.

I thought fail "open" would allow normal network connectivity.

--------------------------------------------------------------------------------------------------

<AlwaysOn>true
<ConnectFailurePolicy>Open
<AllowCaptivePortalRemediation>false
<CaptivePortalRemediationTimeout>5</CaptivePortalRemediationTimeout>
</AllowCaptivePortalRemediation>
<ApplyLastVPNLocalResourceRules>false</ApplyLastVPNLocalResourceRules>
</ConnectFailurePolicy>
<AllowVPNDisconnect>true</AllowVPNDisconnect>
</AlwaysOn>

--------------------------------------------------------------------------------------------------

TS42 · ‎Oct 7 2021

I opened a TAC case.

Unfortunately, changing the connect failure option does not change this behavior "an open connect failure policy does not apply if you enable the Disconnect button and the user clicks Disconnect," rather it only applies if the application itself fails to connect to the VPN.

View solution in original post

PhilipDAth · ‎Oct 6 2021

I don't know the answer.

I'm trying to remember from the last time I did one, and I think that is the expected behaviour.

TS42 · ‎Oct 7 2021

I opened a TAC case.

Unfortunately, changing the connect failure option does not change this behavior "an open connect failure policy does not apply if you enable the Disconnect button and the user clicks Disconnect," rather it only applies if the application itself fails to connect to the VPN.

Meraki

Community

Anyconnect "Alway On" fail "Open" when disconnect

Anyconnect "Alway On" fail "Open" when disconnect