Cisco Anyconnect Wifi



Jan 15, 2019 Cisco AnyConnect finds the wired network and fires right up. However, if I switch over to WiFi you will see AnyConnect attempt to connect, fail, attempt, fail, attempt, fail, until it eventually says either Service Unavailable or sticks in an 'Associating' loop.

Cisco AnyConnect Secure Mobility Client empowers remote workers with frictionless, highly secure access to the enterprise network from any device, at any time, in any location while protecting the organization. For organizations of all sizes that need to protect sensitive data at scale, Duo is the user-friendly zero-trust security platform for all users, all devices and all applications.

However, while trying to connect using a WiFi connection, the VPN client allows me to log in, but after that it immediately drops the WiFi connection and disables the WiFi service on my laptop. I'm using:

  • Cisco AnyConnect Secure Mobility Client 3.1.09013
  • Intel Dual Band Wireless-AC 8260 with newest drivers
  • Windows 10 Pro with all recent updates

Fix 10 common Cisco VPN problems by Scott Lowe MCSE in Networking on November 7, 2005, 12:00 AM PST. If you use Cisco to power your VPN solution, you know it's not without problems.

4) This will bring up the 'Wi-Fi Properties' window. Click on the 'Sharing' tab.
5) Check the box 'Allow Connection Sharing' and under 'Home networking connection', I chose 'Ethernet'. You can choose 'Wi-Fi' if you want.

The above setup should now allow you to connect to the AnyConnect Cisco VPN while staying connected to your local WiFi connection.

Windows Anyconnect Client Installation

Windows Vista/7/8/8.1/10 (32 or 64 bit) Anyconnect Client Installation

  1. Browse to NS VPN Client Download Page
  2. Start the 'anyconnect-win' installer downloaded in step 2.
  3. At each prompt, click 'Next.' You may see a 'User Account Control' dialog box asking if you would like to install the program. Click 'Yes.'
  4. Once the install is complete, click 'Finish.'
  5. Start the 'anyconnect-win-gina' installer downloaded in step 2.
  6. At each prompt, click 'Next.' You may see a 'User Account Control' dialog box asking if you would like to install the program. Click 'Yes.'
  7. Once the install is complete, click 'Finish.'
  8. The machine will now ask to reboot. Click yes to reboot.
  9. Launch the client by going to Start->All Programs->Cisco->Cisco Anyconnect Secure Mobility Client
  10. In the field to the left of the 'Connect' button, click on the text area and type 'vpn.ufl.edu'. Click connect.
  11. Authenticate with your gatorlink ID (in the form of username@ufl.edu) and your gatorlink password. Click OK.
  12. The most recent version of the client and vpn configuration files will be automatically downloaded. This may require another reboot to complete the update.
  13. Your client is now ready for use.

Notes:

  • Once the Anyconnect is installed on your machine, it will always be automatically upgraded to the latest version as they are published by Network Services. You shouldn't need to go through the manual installation process unless you reinstall your operating system, or your client becomes corrupted and needs to be uninstalled and reinstalled.
  • After connecting for the first time, the VPN policy will be pushed to your client. The pulldown will say 'Gatorlink VPN' rather than vpn.ufl.edu after this policy is downloaded.

TL;DR If Cisco AnyConnect is disconnecting, reconnecting every few minutes, try blocking UDP in/out ports for the vpnagent executable/service.

Cisco AnyConnect Secure Mobility Client version 4.7.04056

This one drove me nuts for the longest time until I found time to dedicate to troubleshooting it myself. Symptoms were that my AnyConnect client had been disconnecting, reconnecting every few minutes (2:50 to be exact!), which would, in turn, timeout my RDP session. Total reconnect time was only a few seconds, but you can imagine how having your concentration broken every three minutes is a productivity killer!

I had troubleshot this with my ISP, Comcast/Xfinity and my customer (whose site I was connecting to via VPN). Both essentially were pointing fingers at each other. It would be easy to blame the ISP because the problem didn't happen over my hotspot, but I can't help but think that the VPN server wasn't configured to properly handle such situations. Anyway, I decided to live with it (for far too long) until I could do some troubleshooting myself and figure out next steps.

My troubleshooting steps are below, in case anyone is interested.

Wireshark

Wireshark VPN test-2019-12-09-A.pcapng

Wireshark VPN test-2019-12-09-G-Comcast.pcapng

Wireshark VPN test-2019-12-09-F-Hotspot.pcapng

Wireshark VPN test-2019-12-09-E-Comcast-Reconnect at 129 sec.pcapng

Wireshark VPN test-2019-12-09-D-Hotspot.pcapng

Wireshark VPN test-2019-12-09-C-Comcast-Reconnect at 91 sec.pcapng

Wireshark VPN test-2019-12-09-B.pcapng

Noticed that most application traffic happens via DTLS (OpenSSL) over UDP, but every 20 seconds, there's a TLSv1.2 transmission from the client [PSH, ACK], but no response from the server. Client retransmits the [PSH, ACK] in intervals of 0.3, 0.6, 1.2, 2.4, 4.8, 9.6 seconds, and then sends a RST.
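
The pattern noted above (an unanswered client segment retransmitted at doubling intervals, then a RST) can be picked out of an exported packet list mechanically. The following is an added example, not part of the original post; the CSV column layout, the `find_stalls` helper and the sample rows are assumptions constructed for illustration.

```python
import csv
import io
from collections import defaultdict

# Constructed sample rows (not taken from the captures listed above). Stream 0
# follows the schedule the post describes; stream 1 is retransmitted once and ACKed.
SAMPLE = """time,stream,src,flags,seq,ack
20.0,0,client,PA,1001,500
20.3,0,client,PA,1001,500
20.9,0,client,PA,1001,500
22.1,0,client,PA,1001,500
24.5,0,client,PA,1001,500
29.3,0,client,PA,1001,500
38.9,0,client,PA,1001,500
39.0,0,client,R,1001,0
40.0,1,client,PA,7001,900
40.3,1,client,PA,7001,900
40.35,1,server,A,900,7101
"""

def find_stalls(text, client="client", tol=0.25):
    """Return client segments retransmitted with doubling gaps and never ACKed."""
    sends = defaultdict(list)  # (stream, seq) -> times the client sent that segment
    acked = defaultdict(int)   # stream -> highest ACK number seen from the server
    resets = {}                # stream -> time of the client's first RST
    for r in csv.DictReader(io.StringIO(text)):
        t, stream = float(r["time"]), r["stream"]
        if r["src"] != client:
            acked[stream] = max(acked[stream], int(r["ack"]))
        elif "R" in r["flags"]:
            resets.setdefault(stream, t)
        elif "P" in r["flags"]:
            sends[(stream, int(r["seq"]))].append(t)
    stalls = []
    for (stream, seq), times in sends.items():
        gaps = [round(b - a, 3) for a, b in zip(times, times[1:])]
        if len(gaps) < 2 or acked[stream] > seq:
            continue  # too few retransmissions to judge, or the server did answer
        # Exponential backoff: each gap is about twice the previous one.
        if all(a > 0 and abs(b / a - 2) <= tol for a, b in zip(gaps, gaps[1:])):
            rst = resets.get(stream)
            stalls.append({"stream": stream, "seq": seq, "first_sent": times[0],
                           "gaps": gaps,
                           "rst_after": None if rst is None else round(rst - times[0], 3)})
    return stalls

if __name__ == "__main__":
    for stall in find_stalls(SAMPLE):
        print(stall)
```

On the sample, only stream 0 is reported; its gaps add up to 18.9 seconds before the RST, which lines up with the roughly 20-second cycle seen in the captures.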

Google search

cisco vpn client tls every 20 seconds no ack

Article above references this, which was the most helpful

As long as DTLS is enabled, the client applies the DTLS MTU (in this case 1418) on the VPN adapter (which is enabled before the DTLS tunnel is established and is needed for routes/filters enforcement), to ensure optimum performance. If the DTLS tunnel cannot be established or it is dropped at some point, the client fails over to TLS and adjusts the MTU on the virtual adapter (VA) to the TLS MTU value (this requires a session level reconnect).

Block UDP (in & out) for VPN client in Windows Firewall

C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe