vMX-M with Anyconnect nothing happens after duo push

Here to help

vMX-M with Anyconnect nothing happens after duo push

I've deployed a vMX-m and setup routes in Azure, I'm able to ping the public address of the virtual appliance and the ddns name of the appliance, however when trying to connect to the client VPN that was setup on the appliance, I get as far as getting a duo prompt, twice then nothing. Anything anyone could add let me know if I'm missing anything?

Kind of a big deal
Kind of a big deal

On the AnyConnect configuration in the Meraki dashboard change the timeout to something like 30s.  I'm betting you have it on the default of 5s - and you wont be completing the entire push process within 5s.

As usual, @PhilipDAth is spot on.  We were experiencing the same symptom you described when we deployed it a few months ago.  We had to raise a support ticket to get the timeout increased to 60s for DUO to work with the Anyconnect client.

Kind of a big deal

This is the setting (on the AnyConnect page) I would try changing to 30s.




Again, you're correct!  Went back and looked at the support ticket and it was for the IPsec Client VPN Radius Timeout setting, NOT AnyConnect.  We were testing both options, but opted to disable IPsec VPN and deploy AnyConnect only.

Kind of a big deal

@ehutson82 : I heard that same issue from my friends network and i think @PhilipDAth said right, change the parameter and then check.

Cisco IT Blogs awarded in 2020 & 2021
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.