Cisco Cisco AnyConnect Secure Mobility Client v2.x Troubleshooting Guide
Even if the user machine has multiple other profiles they will not be able to select any of them
until OGS is disbaled.
until OGS is disbaled.
OGS Cache
Once the calculation is finished, the results are stored in the preferences_global file. There have
been issues with this data not being stored in the file before.
been issues with this data not being stored in the file before.
Location Determination
OGS caching works on a combination of the DNS domain and the individual DNS server IP
addresses. It works as follows:
addresses. It works as follows:
Location A has a DNS domain of locationa.com, and two DNS server IP addresses - ip1 and
ip2. Each domain/IP combination creates a cache key that points to an OGS cache entry. For
example: locationa.com|ip1 -> ogscache1locationa.com|ip2 -> ogscache1
ip2. Each domain/IP combination creates a cache key that points to an OGS cache entry. For
example: locationa.com|ip1 -> ogscache1locationa.com|ip2 -> ogscache1
●
If AnyConnect then connects to a physically-different network, the same buildup of domain/IP
combinations is created and checked against the cached list. If there are any matches at all,
that OGS cache value is used, and the client is still considered to be at location A.
combinations is created and checked against the cached list. If there are any matches at all,
that OGS cache value is used, and the client is still considered to be at location A.
●
Failure Scenarios
Here are some failure scenarios users might encounter:
When Connectivity to the Gateway is Lost
When OGS is used, if connectivity to the gateway to which the users are connected is lost, then
AnyConnect connects to the servers in the backup server list to the next OGS host. The order of
operations is as follows:
AnyConnect connects to the servers in the backup server list to the next OGS host. The order of
operations is as follows:
OGS contacts only the primary servers in order to determine the optimal one.
1.
Once determined, the connection algorithm is:
Attempt to connect to the optimal server.If that fails, try the optimal server’s backup server
list.If that fails, try each server that remains in the OGS selection list, ordered by its selection
results.
Attempt to connect to the optimal server.If that fails, try the optimal server’s backup server
list.If that fails, try each server that remains in the OGS selection list, ordered by its selection
results.
2.
Note: When the administrator configures the backup server list, the current profile editor only
allows the administrator to enter the Fully Qualified Domain Name (FQDN) for the backup
server, but not the user-group as is possible for the primary server:
allows the administrator to enter the Fully Qualified Domain Name (FQDN) for the backup
server, but not the user-group as is possible for the primary server: