Cisco Anyconnect Outlook Disconnected



Outlook disconnected 2013TL;DR If Cisco AnyConnect is disconnecting, reconnecting every few minutes, try blocking UDP in/out ports for the vpnagent executable/service.

Outlook Disconnected Exchange

One of the simplest methods to fix Outlook won’t connect after VPN problem is to re-establish internet connection, before beginning with the VPN connection. One can consider switching web connection mode alternatively to use MS Outlook and VPN together in a conjoint manner. Re: Outlook/Office 365 is not working when turning VPN on. How do the client IP addresses compare to the exchange server's IP address. If the clients and exchange server are both in Denmark and you are doing a client VPN full tunnel to Sweden then it locks you out of anything not on the same subnet and can lock you out of anything local at all.


Cisco AnyConnect Secure Mobility Client version 4.7.04056Cisco Anyconnect Outlook Disconnected
  1. Feb 27, 2019 Workarounds to Resolve ‘Outlook Cannot Connect After VPN’ Follow the below-mentioned tips to resolve Outlook VPN connection problems. Tip # 1: Restart Microsoft desktop-based Email Client. If users are facing the problem with VPN even after enabling it in MS Outlook, initially try to fix it by restarting the program.
  2. Reboot the computer. Whenever Cisco Anyconnect connects successfully to a network, it will automatically open a command prompt window in the background, silently pinging google.com to receive replies back, thus allowing Network & Sharing Center to detect internet access, and resolve the yellow exclamation.
  3. Restart Microsoft desktop-based Email Client. If users are facing the problem with VPN even after.
ClientThis one drove me nuts for the longest time until I found time to dedicate to troubleshooting it myself. Symptoms were that my AnyConnect client had been disconnecting, reconnecting every few minutes (2:50 to be exact!), which would, in turn, timeout my RDP session. Total reconnect time was only a few seconds, but you can imagine how having your concentration broken every three minutes is a productivity killer!Anyconnect
I had troubleshot this with my ISP, Comcast/Xfinity and my customer (whose site I was connecting to via VPN). Both essentially were pointing fingers at each other. It would be easy to blame the ISP because the problem didn't happen over my hotspot, but I can't help but think that the VPN server wasn't configured to properly handle such situations. Anyway, I decided to live with it (for far too long) until I could do some troubleshooting myself and figure out next steps.

Install Cisco Anyconnect Vpn

My troubleshooting steps are below, in case anyone is interested.

Cisco Anyconnect Secure Mobility Client Free


Outlook Disconnected 2007

Wireshark

Wireshark VPN test-2019-12-09-A.pcapng

Wireshark VPN test-2019-12-09-G-Comcast.pcapng

Wireshark VPN test-2019-12-09-F-Hotspot.pcapng

Wireshark VPN test-2019-12-09-E-Comcast-Reconnect at 129 sec.pcapng

Wireshark VPN test-2019-12-09-D-Hotspot.pcapng

Wireshark VPN test-2019-12-09-C-Comcast-Reconnect at 91 sec.pcapng

Wireshark VPN test-2019-12-09-B.pcapng

Noticed that most application traffic happens via DTLS (OpenSSL) over UDP, but every 20 seconds, there's a TLSv1.2 transmission from the client [PSH, ACK], but no response from the server.Client retransmits the [PSH, ACK] in intervals of 0.3, 0.6, 1.2, 2.4, 4.8, 9.6 seconds, and then sends a RST.

Google search

cisco vpn client tls every 20 seconds no ack

Article above references this, which was the most helpful

As long as DTLS is enabled, the client applies the DTLS MTU (in this case 1418) on the VPN adapter (which is enabled before the DTLS tunnel is established and is needed for routes/filters enforcement), to ensure optimum performance. If the DTLS tunnel cannot be established or it is dropped at some point, the client fails over to TLS and adjusts the MTU on the virtual adapter (VA) to the TLS MTU value (this requires a session level reconnect).

Block UDP (in & out) for VPN client in Windows Firewall

C:Program Files (x86)CiscoCisco AnyConnect Secure Mobility Clientvpnagent.exe