SOTI Pulse Logo

Soti Mobicontrol and Cisco Secure Client (aka Annyconnect)

RR
Richard Rice
Nursery Supplies

I am integrating the Cisco Secure Client on my Honeywell CK67 handheld scanner (Android edition).

We created a profile for this device that will install Soti Mobile and also the Cisco Secure Client with the initial VPN settings needed for it to connect. All of this is working and the device can connect to our VPN and work as expected.

However, the VPN-connected scanner in MobiControl is not showing as online and available (greyed out). In this state, I cannot monitor or remotely connect to it.

I am sure a setting in the Secure VPN Client configuration will enable this, but I cannot find it.

This is our last step in configuring these devices. Any help is appreciated.

vpn annyconnect Cisco Remote Control
10 months ago
SOTI MobiControl
ANSWERS
RS
Rafael Schäfer
10 months ago

As far as i see it, from our past experience when starting to work with VPN, you need to ensrue that the server(s) and all of the relvant port(s) etc. are opened for the VPN connection as well.

This can only be a guess as i donÄT know about anything you did already but this is what we had to do when we put it in place (we used a different vpn solution as we don'T use anyconnect).

MD
Matt Dermody Diamond Contributor
10 months ago

This sounds more like a firewall issue with the internal network that you are connecting the devices through via the VPN than a VPN setting itself. 

RS
Rafael Schäfer
10 months ago

It wasn't.
Without VPN it worked all fine and with it didn't. Then our network team changed something (i guess a firewall or proxy) responsible for the VPN connection and then all worked fine. And we need to consider this for every opening we do.

That'S why i point to this as this could be the same here.

A
ATMOD@SOTI
9 months ago

Hi Richard,

Thanks for posting on SOTI Pulse.  Thanks Rafael and Matt for responding to the post, your expertise and willingness to help are greatly appreciated!

The issue of a VPN-connected scanner not appearing as online in SOTI MobiControl is often related to certain settings in the VPN client configuration. When a device is connected to a VPN, it may not properly communicate with the MobiControl server, leading to it being displayed as "greyed out."

Here are some steps and settings that you can check in the Cisco Secure Client configuration to resolve this issue:

  1. Split Tunneling: Ensure that your Cisco Secure Client is configured for split tunneling. This allows traffic to operations outside the VPN tunnel (including connections to the MobiControl server) while the device is connected to the VPN.

  2. Allow Local Network Access: Check if there is a setting enabling local network access while connected to the VPN. This allows the VPN-connected devices to maintain communication with local resources.

  3. Keep Alive Settings: Certain VPN environments use "keep-alive" mechanisms to maintain a connection. Ensure that any relevant keep-alive settings are enabled in the Cisco Secure Client configuration.

  4. Routing Configuration: Make sure that the routing inside the VPN allows for traffic to be processed correctly, specifically directing traffic to the MobiControl server while still connected through the VPN.

  5. Device Version Compatibility: Verify that the version of the Cisco Secure Client installed is compatible with your VPN settings and the Honeywell CK67.

  6. Firewall Rules: Ensure that the firewall rules on the network allow traffic from the Honeywell device through the appropriate ports, especially TCP 5494, which is critical for communications between the device and the MobiControl server.

 If this post did not assist you in resolving the issue completely and you have additional questions, please do not hesitate to reach out or you can contact SOTI Support (support@soti.net) to open a new case and one of our support engineer will be there to assist you.
Kind Regards,
Technical Support | SOTI Inc. |1.905.624.9828 | support@soti.net | www.soti.net |

Similar Discussions