I have a ticket open with Meraki on this issue, but the run-down: I have a site that I switched to AnyConnect near the end of last year, just using the default config, as they only have a couple of users, so default port of 443. Well, a few weeks ago, I get a call from them that their "internet is going up and down". Check the dashboard, see no immediate evidence of this happening (all green) and told her I'd upgrade them to 16.16, which I had scheduled, that night, and we'll see if that fixed it. Well, we had one day of nothing happening and then it started again.Checked the logs more thoroughly this time and saw that all ports that had a link on them had flapped. Odd. I searched specifically for that and saw that this appeared to be happening at least once a day.I opened a ticket and they apparently saw some issues in the logs and told me they were sending me a new unit. Excellent I thought. So, installed the new unit and figured I'd check the logs to ensure that this error message was gone. It wasn't. I was seeing the exact same thing with the replacement unit: Support didn't seem concerned because the customer hadn't complained yet, but I logged into the 2960 stack that's one of the units behind the MX and it was showing its uplink being connected/disconnected when I see the flap in the MX logs, so clearly, this is still actively taking place (GI1/0/1): Then I noticed that the AnyConnect service seemed to be restarting at the same time: Also, because of the use of the default, port, the AnyConnect service was getting hammered by foreign IP's and this appeared to be triggered it to restart: So, while I wait on support to get back to me, I just changed the port AnyConnect was on to stop the hammering, and, so far, it has been 24hrs and no interface flap, but the real test will be tomorrow morning when all the users are back, as this may just be an unrelated correlation. However, IF this observation does indeed show that the hits on the service are triggering the interface flap, there is clearly an issue with the service that will have to be dealt with.
... View more