Re: vMX-M with Anyconnect nothing happens after duo push

ehutson82 · ‎03-15-2022

I've deployed a vMX-m and setup routes in Azure, I'm able to ping the public address of the virtual appliance and the ddns name of the appliance, however when trying to connect to the client VPN that was setup on the appliance, I get as far as getting a duo prompt, twice then nothing. Anything anyone could add let me know if I'm missing anything?

alemabrahao · ‎03-15-2022

Check this article: https://documentation.meraki.com/MX/AnyConnect_on_the_MX_Appliance/AnyConnect_Troubleshooting_Guide#....

PhilipDAth · ‎03-15-2022

On the AnyConnect configuration in the Meraki dashboard change the timeout to something like 30s. I'm betting you have it on the default of 5s - and you wont be completing the entire push process within 5s.

OCTOMG · ‎03-16-2022

As usual, @PhilipDAth is spot on. We were experiencing the same symptom you described when we deployed it a few months ago. We had to raise a support ticket to get the timeout increased to 60s for DUO to work with the Anyconnect client.

PhilipDAth · ‎03-16-2022

This is the setting (on the AnyConnect page) I would try changing to 30s.

OCTOMG · ‎03-17-2022

Again, you're correct! Went back and looked at the support ticket and it was for the IPsec Client VPN Radius Timeout setting, NOT AnyConnect. We were testing both options, but opted to disable IPsec VPN and deploy AnyConnect only.

Inderdeep · ‎03-16-2022

@ehutson82 : I heard that same issue from my friends network and i think @PhilipDAth said right, change the parameter and then check.

Regards/Inder
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com