Hi, 

 

For work, I use Cisco's VPN client software AnyConnect Secure Mobility Client all-day to set up a secure VPN connection to one of the two office's ASA firewalls (no split-tunnel, so internet traffic is routed through the company's network). This goes very well until I join a Teams session. Varying from 1 to 20 minutes the Teams session started the VPN connection gets disconnected. The Teams session continues within 10 seconds using my own internet connection. Again when I reconnect the VPN successfully, after several minutes the VPN gets disconnected. When the Teams session is over, I reconnect VPN and I can continue to work the rest of the day without a problem. Update: I once experienced the disconnection when not using Teams.

 

During these Teams sessions I'm not able to access the companies resources when not using the VPN which is starting to frustrate. I also asked a few colleagues of mine if they have similar experiences, but no-one has (as they do not seem to have the same wireless environment as I do). 

 

I'm able to look into the Cisco application's Message History and into the local Eventlog of Cisco's AnyConnect Secure Mobility Client which is far more verbose/informational. There are several error messages in the Eventlog found. But always the first errormessage shows EventId=1, source=acvpnagent, level=error:
Function: CIPsecCrypto::CCrypto::doCombinedModeCrypto
File: IPsecCrypto.cpp
Line: 1252
EVP_CipherFinal_ex failed

 

But I can't find similar problems on the internet based on the message descriptions logged on my system. I also asked the company's Network Administrator for help. He asked me if the problem persists when using a fixed cable which it doesn't. So he determines the problem lies at my new Wireless system.

 

Fast Roaming (802.11r) is enabled, as well as the Mesh options for the wireless clients. Backhaul of all 3 AP's are wired/Ethernet. Currently using latest firmware version: 1.5.3 Build 20210309 Rel. 36309

 

Cisco AnyConnect Secure Mobility Client 4.7.04056  
(Thu Apr 22 10:15:55 2021)

Transport Information
    Protocol:    IKEv2/IPsec NAT-T
    Cipher:    AEAD_AES_128_GCM
    Compression:    None
    Proxy Address:    No Proxy

 

Notebook hardware/OS:

OS Name    Microsoft Windows 10 Enterprise
Version    10.0.18363 Build 18363
Other OS Description     Not Available
OS Manufacturer    Microsoft Corporation
System Name    NTB101542
System Manufacturer    HP
System Model    HP EliteBook 850 G5
System Type    x64-based PC
System SKU    2FH32AV
Processor    Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz, 1800 Mhz, 4 Core(s), 8 Logical Processor(s)
BIOS Version/Date    HP Q78 Ver. 01.06.00, 3-1-2019
SMBIOS Version    3.1
Embedded Controller Version    4.87
BIOS Mode    UEFI
BaseBoard Manufacturer    HP
BaseBoard Product    83B2
BaseBoard Version    KBC Version 04.57.00
Platform Role    Mobile
Secure Boot State    On
PCR7 Configuration    Elevation Required to View
Windows Directory    C:\WINDOWS
System Directory    C:\WINDOWS\system32
Boot Device    \Device\HarddiskVolume1
Locale    United States
Hardware Abstraction Layer    Version = "10.0.18362.1411"
User Name    SIMAC\SanH
Time Zone    W. Europe Daylight Time
Installed Physical Memory (RAM)    16,0 GB
Total Physical Memory    15,8 GB
Available Physical Memory    7,73 GB
Total Virtual Memory    22,0 GB
Available Virtual Memory    8,97 GB
Page File Space    6,25 GB
Page File    C:\pagefile.sys
Kernel DMA Protection    Off
Virtualization-based security    Not enabled
Device Encryption Support    Elevation Required to View
Hyper-V - VM Monitor Mode Extensions    Yes
Hyper-V - Second Level Address Translation Extensions    Yes
Hyper-V - Virtualization Enabled in Firmware    Yes
Hyper-V - Data Execution Protection    Yes

 

Wifi NIC:

Name    [00000008] Intel(R) Dual Band Wireless-AC 8265
Adapter Type    Ethernet 802.3
Product Type    Intel(R) Dual Band Wireless-AC 8265
Installed    Yes
PNP Device ID    PCI\VEN_8086&DEV_24FD&SUBSYS_10108086&REV_78\380025FFFF817B7B00
Last Reset    31-5-2021 08:51
Index    8
Service Name    Netwtw06
IP Address    192.168.68.105, fe80::b01c:f30b:a8d9:5f19
IP Subnet    255.255.255.0, 64
Default IP Gateway    192.168.68.1, fe80::929a:4aff:fe4e:1379
DHCP Enabled    Yes
DHCP Server    192.168.68.1
DHCP Lease Expires    1-6-2021 14:45
DHCP Lease Obtained    1-6-2021 12:45
MAC Address    ‪38:00:25:81:7B:7B‬
Memory Address    0xB62FE000-0xB62FFFFF
IRQ Channel    IRQ 4294967260
Driver    C:\WINDOWS\SYSTEM32\DRIVERS\NETWTW06.SYS (20.70.21.2, 8,40 MB (8.809.320 bytes), 25-1-2021 11:26)
 

Is there anyone who is able to help me finding the exact problem? 

 

Thank you.

 

UPDATE 31 may 2021:

Currently trying different Wireless NIC settings on my laptop. Changing following settings did not seem to work:

Throughput Booster -> enabled
Preferred band -> 5GHz
GTK rekeying for WoWLAN -> Disabled

 

This morning I set my Wireless client's NIC 802.11a/b/g Wireless Mode from Dual Band (2.4+5GHz) to Single band (5GHz 802.11a). Perhaps this works, but actually I don't think it does, because another parameter 802.11n/ac Wireless Mode is still set to 802.11ac, which should be using 5GHz only according to the standards. But on the otherhand, my VPN connection remained connected during the half hour Teams meeting. Somehow I hope this does help. So, fingers crossed this time.

 

UPDATE 1 june 2021:

VPN connection got disconnected again this morning using MS Teams...