We help IT Professionals succeed at work.
Private
Troubleshooting Question

Unable to connect to the Internet while on the VPN

M
M asked
on
58 Views
Last Modified: 2020-08-20
OS: Windows 10 version 1903
Cisco AnyConnect (Cisco AnyConnect Secure Mobility Client version 4.6..01103)
Issue: Unable to connect to the Internet while connected to the VPN using Cisco AnyConnect

Comment
Watch Question

Mohammad RummanehSr.Network & Security Engineer
CERTIFIED EXPERT

Commented:
You have two option to connect internet while using vpn ( split tunnel mode & full tunnel mode ) , what is the difference ?

basically , when your vpn is configure as split tunnel in this case , you can access your protected network via vpn and surfing internet using your own internet connection

in full tunnel mode , you can access your protected network via vpn connection and also browsing internet using the same vpn .

which mode you are using ?

https://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/119006-configure-anyconnect-00.html 
https://learningnetwork.cisco.com/s/question/0D53i00000KsugR/anyconnect-vpn-fulltunnel 
M

Author

Commented:
Mohammad Rummaneh,

Only a few clients are affected by this issue.
Mohammad RummanehSr.Network & Security Engineer
CERTIFIED EXPERT

Commented:
affected users has same version of operating system ? what about working users does they have same version ?
M

Author

Commented:
Yes, same OS. And working user have the same version of Cisco AnyConnect. Split tunnelling is not enabled
Mohammad RummanehSr.Network & Security Engineer
CERTIFIED EXPERT

Commented:
In this case I think you need to check your firewall configuration
Maybe those user not permitted to access internet via firewall

Hint : try username and password for working user on non working machine if it is connected and browsing internet so the problem belong to the firewall config
If not working also, in this case you need to check machine
Pete LongTechnical Architect
CERTIFIED EXPERT
Distinguished Expert 2019

Commented:
>>Split tunnelling is not enabled

Then unless you have force tunnelling (or tunnel-all) enabled, this behaviour is expected?

Cisco ASA – Remote VPN Client Internet Access

Though the information in my article (above), and posted above is slightly incorrect because we now have dynamic split includes and excludes, (not that that is relevant here!)

On a client that's connected, (and has a problem) open the AnyConnect and look at the route details tab, unless it says
Non-Secure Routes (IPv4) 0.0.0.0/0 then your behaviour is NORMAL and you need to enable split tunnelling; to enable remote internet access.

</P>
M

Author

Commented:
Pete,

Once on the VPN, Internet access is delivered to the node.

Thank you for your time.
Commented:
This one is on us!
(Get your first solution completely free - no credit card required)
UNLOCK SOLUTION

Gain unlimited access to on-demand training courses with an Experts Exchange subscription.

Get Access
Why Experts Exchange?

Experts Exchange always has the answer, or at the least points me in the correct direction! It is like having another employee that is extremely experienced.

Jim Murphy
Programmer at Smart IT Solutions

When asked, what has been your best career decision?

Deciding to stick with EE.

Mohamed Asif
Technical Department Head

Being involved with EE helped me to grow personally and professionally.

Carl Webster
CTP, Sr Infrastructure Consultant
Empower Your Career
Did You Know?

We've partnered with two important charities to provide clean water and computer science education to those who need it most. READ MORE

Ask ANY Question

Connect with Certified Experts to gain insight and support on specific technology challenges including:

  • Troubleshooting
  • Research
  • Professional Opinions
Unlock the solution to this question.
Join our community and discover your potential

Experts Exchange is the only place where you can interact directly with leading experts in the technology field. Become a member today and access the collective knowledge of thousands of technology experts.

*This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

OR

Please enter a first name

Please enter a last name

8+ characters (letters, numbers, and a symbol)

By clicking, you agree to the Terms of Use and Privacy Policy.