Cisco AnyConnect vpn stops internet connection in Windows 8
Super User Asked by Evelyn on February 7, 2021
I have a VPN set up through Cisco AnyConnect 3.1.04072 on a Windows 8 laptop. I can connect to the vpn, but as soon as I do, all internet traffic stops. I’ve been researching for days now and I haven’t found a solution. A few suggestions I found included unchecking “Use default gateway on remote network” in properties, updating drivers, and editing a key in regedit.
We have three machines that use AnyConnect (a Mac, a Win7, and my Win8) with the same vpn service and mine is the only one with this problem. Also, it began only a few days ago when Cisco released the 3.1.04072 update.
Here’s the configuration…
Windows IP Configuration
Ethernet adapter Ethernet 2:
Connection-specific DNS Suffix . : studentsolutions.org
Description . . . . . . . . . . . : Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
Physical Address. . . . . . . . . : 00-05-9A-3C-7A-00
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::dab:ae7:bbd7:359b%50(Preferred)
Link-local IPv6 Address . . . . . : fe80::8d58:7076:5587:59b9%50(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.247.152(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.224
Default Gateway . . . . . . . . . : ::
192.168.247.129
DHCPv6 IAID . . . . . . . . . . . : 838862234
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-63-E5-A0-B8-88-E3-EA-82-47
DNS Servers . . . . . . . . . . . : 172.16.1.200
NetBIOS over Tcpip. . . . . . . . : Enabled
Wireless LAN adapter Wi-Fi:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Intel(R) Centrino(R) Wireless-N 2230
Physical Address. . . . . . . . . : 60-36-DD-43-86-A4
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::9a9:3e90:9529:a776%38(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.2.106(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Tuesday, December 17, 2013 6:13:47 PM
Lease Expires . . . . . . . . . . : Wednesday, December 18, 2013 7:41:12 PM
Default Gateway . . . . . . . . . : 192.168.2.1
DHCP Server . . . . . . . . . . . : 192.168.2.1
DHCPv6 IAID . . . . . . . . . . . : 207632093
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-18-63-E5-A0-B8-88-E3-EA-82-47
DNS Servers . . . . . . . . . . . : 192.168.2.1
NetBIOS over Tcpip. . . . . . . . : Enabled
Tunnel adapter isatap.studentsolutions.org:
Connection-specific DNS Suffix . : studentsolutions.org
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #13
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.247.152%47(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 172.16.1.200
NetBIOS over Tcpip. . . . . . . . : Disabled
Here’s what the routing table looks like without the vpn:
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.106 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.106 255.255.255.255 On-link 192.168.2.106 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.106 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.106 281
===========================================================================
Persistent Routes:
None
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
16 306 ::/0 On-link
1 306 ::1/128 On-link
16 306 2001::/32 On-link
16 306 2001:0:9d38:6ab8:2892:2af2:3f57:fd95/128
On-link
16 306 fe80::/64 On-link
38 281 fe80::9a9:3e90:9529:a776/128
On-link
16 306 fe80::2892:2af2:3f57:fd95/128
On-link
1 306 ff00::/8 On-link
16 306 ff00::/8 On-link
38 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
And here’s what happens after I connect to the vpn:
IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.2.1 192.168.2.106 25
0.0.0.0 0.0.0.0 192.168.247.129 192.168.247.152 2
64.111.25.65 255.255.255.255 192.168.2.1 192.168.2.106 26
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.2.1 255.255.255.255 On-link 192.168.2.106 26
192.168.2.106 255.255.255.255 On-link 192.168.2.106 281
192.168.214.0 255.255.255.0 192.168.2.1 192.168.2.106 25
192.168.215.0 255.255.255.0 192.168.2.1 192.168.2.106 25
192.168.216.0 255.255.255.0 192.168.2.1 192.168.2.106 25
192.168.247.128 255.255.255.224 On-link 192.168.247.152 257
192.168.247.152 255.255.255.255 On-link 192.168.247.152 257
192.168.247.159 255.255.255.255 On-link 192.168.247.152 257
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.2.106 281
224.0.0.0 240.0.0.0 On-link 192.168.247.152 257
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.2.106 281
255.255.255.255 255.255.255.255 On-link 192.168.247.152 257
===========================================================================
Persistent Routes:
Network Address Netmask Gateway Address Metric
0.0.0.0 0.0.0.0 192.168.247.129 1
===========================================================================
IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
50 41 ::/0 On-link
1 306 ::1/128 On-link
50 296 fe80::/64 On-link
47 306 fe80::5efe:192.168.247.152/128
On-link
38 281 fe80::9a9:3e90:9529:a776/128
On-link
50 296 fe80::dab:ae7:bbd7:359b/128
On-link
50 296 fe80::8d58:7076:5587:59b9/128
On-link
1 306 ff00::/8 On-link
38 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
Pinging the DNS server 172.16.1.200 is unsuccessful. I’ve tried changing the DNS server in the control panel properties to other things like google’s DNS, but the result is the same. All pings fail, as does tracert and nslookup:
>nslookup
DNS request timed out.
timeout was 2 seconds.
Default Server: UnKnown
Address: 172.16.1.200
If someone could point me in the right direction I would really appreciate it!
3 Answers
I´ve seen this is a common error and for those who are still looking for an answer, this is that I did.
I have the Cisco AnyConnect Client on my Windows 10 using split tunneling but with ipv6 disabled. After connecting to the VPN I was losing connectivity to the internet because of a DNS problem. Sniffing the traffic with Wireshark I couldn´t see any DNS traffic coming out of any interface. For some reason, Windows 10 was using IPV6 to connect to the internet and Cisco AnyConnect client likes to dump all IPV6 traffic.
The solution was to disable IPV6 on my interface.
Answered by mavi on February 7, 2021
the reason you lost internet is because the asa was set in full tunnel mode which mean all your traffic will go through the vpn tunnel. If you have access to the ASA, set it to split-tunnel mode then you will be able to access your internet again.
Answered by bryan on February 7, 2021
Disable IPv6 on your Microsoft PC under the "Local Area Connection" within "Network and Sharing Center" and get back to me. This has worked on three of our computers all with different OS's.
Answered by Kyle on February 7, 2021
Add your own answers!
Ask a Question
Get help from others!
Recent Answers
- haakon.io on Why fry rice before boiling?
- Peter Machado on Why fry rice before boiling?
- Joshua Engel on Why fry rice before boiling?
- Lex on Does Google Analytics track 404 page responses as valid page views?
- Jon Church on Why fry rice before boiling?
Recent Questions
- How can I transform graph image into a tikzpicture LaTeX code?
- How Do I Get The Ifruit App Off Of Gta 5 / Grand Theft Auto 5
- Iv’e designed a space elevator using a series of lasers. do you know anybody i could submit the designs too that could manufacture the concept and put it to use
- Need help finding a book. Female OP protagonist, magic
- Why is the WWF pending games (“Your turn”) area replaced w/ a column of “Bonus & Reward”gift boxes?