TransWikia.com

Cisco AnyConnect vpn stops internet connection in Windows 8

Super User Asked by Evelyn on February 7, 2021

I have a VPN set up through Cisco AnyConnect 3.1.04072 on a Windows 8 laptop. I can connect to the vpn, but as soon as I do, all internet traffic stops. I’ve been researching for days now and I haven’t found a solution. A few suggestions I found included unchecking “Use default gateway on remote network” in properties, updating drivers, and editing a key in regedit.

We have three machines that use AnyConnect (a Mac, a Win7, and my Win8) with the same vpn service and mine is the only one with this problem. Also, it began only a few days ago when Cisco released the 3.1.04072 update.

Here’s the configuration…

Windows IP Configuration

Ethernet adapter Ethernet 2:

   Connection-specific DNS Suffix  . : studentsolutions.org
   Description . . . . . . . . . . . : Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
   Physical Address. . . . . . . . . : 00-05-9A-3C-7A-00
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::dab:ae7:bbd7:359b%50(Preferred)
   Link-local IPv6 Address . . . . . : fe80::8d58:7076:5587:59b9%50(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.247.152(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.224
   Default Gateway . . . . . . . . . : ::
                                       192.168.247.129
   DHCPv6 IAID . . . . . . . . . . . : 838862234
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-63-E5-A0-B8-88-E3-EA-82-47

   DNS Servers . . . . . . . . . . . : 172.16.1.200
   NetBIOS over Tcpip. . . . . . . . : Enabled

Wireless LAN adapter Wi-Fi:

   Connection-specific DNS Suffix  . :
   Description . . . . . . . . . . . : Intel(R) Centrino(R) Wireless-N 2230
   Physical Address. . . . . . . . . : 60-36-DD-43-86-A4
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::9a9:3e90:9529:a776%38(Preferred)
   IPv4 Address. . . . . . . . . . . : 192.168.2.106(Preferred)
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Tuesday, December 17, 2013 6:13:47 PM
   Lease Expires . . . . . . . . . . : Wednesday, December 18, 2013 7:41:12 PM
   Default Gateway . . . . . . . . . : 192.168.2.1
   DHCP Server . . . . . . . . . . . : 192.168.2.1
   DHCPv6 IAID . . . . . . . . . . . : 207632093
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-63-E5-A0-B8-88-E3-EA-82-47

   DNS Servers . . . . . . . . . . . : 192.168.2.1
   NetBIOS over Tcpip. . . . . . . . : Enabled

Tunnel adapter isatap.studentsolutions.org:

   Connection-specific DNS Suffix  . : studentsolutions.org
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter #13
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::5efe:192.168.247.152%47(Preferred)

   Default Gateway . . . . . . . . . :
   DNS Servers . . . . . . . . . . . : 172.16.1.200
   NetBIOS over Tcpip. . . . . . . . : Disabled

Here’s what the routing table looks like without the vpn:

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1    192.168.2.106     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
    192.168.2.106  255.255.255.255         On-link     192.168.2.106    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.2.106    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.2.106    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 16    306 ::/0                     On-link
  1    306 ::1/128                  On-link
 16    306 2001::/32                On-link
 16    306 2001:0:9d38:6ab8:2892:2af2:3f57:fd95/128
                                    On-link
 16    306 fe80::/64                On-link
 38    281 fe80::9a9:3e90:9529:a776/128
                                    On-link
 16    306 fe80::2892:2af2:3f57:fd95/128
                                    On-link
  1    306 ff00::/8                 On-link
 16    306 ff00::/8                 On-link
 38    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

And here’s what happens after I connect to the vpn:

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.2.1    192.168.2.106     25
          0.0.0.0          0.0.0.0  192.168.247.129  192.168.247.152      2
     64.111.25.65  255.255.255.255      192.168.2.1    192.168.2.106     26
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.2.1  255.255.255.255         On-link     192.168.2.106     26
    192.168.2.106  255.255.255.255         On-link     192.168.2.106    281
    192.168.214.0    255.255.255.0      192.168.2.1    192.168.2.106     25
    192.168.215.0    255.255.255.0      192.168.2.1    192.168.2.106     25
    192.168.216.0    255.255.255.0      192.168.2.1    192.168.2.106     25
  192.168.247.128  255.255.255.224         On-link   192.168.247.152    257
  192.168.247.152  255.255.255.255         On-link   192.168.247.152    257
  192.168.247.159  255.255.255.255         On-link   192.168.247.152    257
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link     192.168.2.106    281
        224.0.0.0        240.0.0.0         On-link   192.168.247.152    257
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link     192.168.2.106    281
  255.255.255.255  255.255.255.255         On-link   192.168.247.152    257
===========================================================================
Persistent Routes:
  Network Address          Netmask  Gateway Address  Metric
          0.0.0.0          0.0.0.0  192.168.247.129       1
===========================================================================

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 50     41 ::/0                     On-link
  1    306 ::1/128                  On-link
 50    296 fe80::/64                On-link
 47    306 fe80::5efe:192.168.247.152/128
                                    On-link
 38    281 fe80::9a9:3e90:9529:a776/128
                                    On-link
 50    296 fe80::dab:ae7:bbd7:359b/128
                                    On-link
 50    296 fe80::8d58:7076:5587:59b9/128
                                    On-link
  1    306 ff00::/8                 On-link
 38    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None

Pinging the DNS server 172.16.1.200 is unsuccessful. I’ve tried changing the DNS server in the control panel properties to other things like google’s DNS, but the result is the same. All pings fail, as does tracert and nslookup:

>nslookup    
DNS request timed out.
timeout was 2 seconds.
Default Server:  UnKnown
Address:  172.16.1.200

If someone could point me in the right direction I would really appreciate it!

3 Answers

I´ve seen this is a common error and for those who are still looking for an answer, this is that I did.

I have the Cisco AnyConnect Client on my Windows 10 using split tunneling but with ipv6 disabled. After connecting to the VPN I was losing connectivity to the internet because of a DNS problem. Sniffing the traffic with Wireshark I couldn´t see any DNS traffic coming out of any interface. For some reason, Windows 10 was using IPV6 to connect to the internet and Cisco AnyConnect client likes to dump all IPV6 traffic.

The solution was to disable IPV6 on my interface.

enter image description here

Answered by mavi on February 7, 2021

the reason you lost internet is because the asa was set in full tunnel mode which mean all your traffic will go through the vpn tunnel. If you have access to the ASA, set it to split-tunnel mode then you will be able to access your internet again.

Answered by bryan on February 7, 2021

Disable IPv6 on your Microsoft PC under the "Local Area Connection" within "Network and Sharing Center" and get back to me. This has worked on three of our computers all with different OS's.

Answered by Kyle on February 7, 2021

Add your own answers!

Ask a Question

Get help from others!

© 2024 TransWikia.com. All rights reserved. Sites we Love: PCI Database, UKBizDB, Menu Kuliner, Sharing RPP