Meraki

Community

Unable to disconnect a Client VPN Connection

ChowardIT
New here
‎Aug 2 2024 9:04 AM
‎Aug 2 2024 9:04 AM

Unable to disconnect a Client VPN Connection

So have an odd use case here.

 

We have an external contractor who uses a VDI and connected to our network with the anyconnect VPN. His connection is now up, but that process kicked him from his AWS instance. He now cant connect to it.

 

I have "blocked" him in policy which keeps him from doing anything but it doesnt actually break the connection. I'm sure he can reboot his box on his end but the fact that someone can connect to our network and then we cant kill that connection seems like a major oversight.

 

Google shows others with this issue since 2018. Am I missing the fix or is Block and reboot the appliance the only option?

Labels:
0 Kudos
2 Replies 2
GIdenJoe
Kind of a big deal
Kind of a big deal
‎Aug 2 2024 12:39 PM
‎Aug 2 2024 12:39 PM

I haven't checked that one yet.  Usually stuff like this is on the client page.
What you could do in the meanwhile however is to set a shorter session timeout so the sessions kills itself eventually.

That would be a good tool to build into the MX status page.
A live get VPN sessions and then some buttons do disconnect.

0 Kudos
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Aug 4 2024 2:48 AM
‎Aug 4 2024 2:48 AM

There is no way at this point in time to terminate an individual user's VPN connection, but there is nothing that prevents them from immediately reconnecting.

 

A potential "half way" solution would be to disable AnyConnect and then enable it again immediately on the MX.  This kicks aff all AnyConnect VPN users.

0 Kudos
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.