Android User Guide for Cisco AnyConnect Secure Mobility Client, Release 3.0.x
Monitoring and Troubleshooting AnyConnect
Downloads: This chapterpdf (PDF - 1.22MB) The complete bookPDF (PDF - 2.29MB) | The complete bookePub (ePub - 299.0KB) | The complete bookMobi (Mobi - 500.0KB) | Feedback

Monitoring and Troubleshooting AnyConnect

Monitoring and Troubleshooting AnyConnect

Displaying the AnyConnect Version and Licensing Details

Procedure
From the AnyConnect home window, tap Menu > About.

What to Do Next

Tap the link in the About window to open the latest version of this guide.

Viewing AnyConnect Statistics

AnyConnect records statistics when a VPN connection is present.

Procedure
    Step 1   From the AnyConnect home window, tap Menu > Statistics.

    Step 2   Tap Details to view detailed statistics. Scroll to view all statistics.

    Detailed statistics include the following values:

    • Secure Routes—An entry with the destination 0.0.0.0 and the subnet mask 0.0.0.0 means that all VPN traffic is encrypted and sent or received over the VPN connection.
    • Non-Secure Routes—Shown only if 0.0.0.0/0.0.0.0 is present under SecureRoutes.Traffic destinations, as determined by the VPNsecure gateway, that are excluded from the encryptedconnection.

    AnyConnect Logging

    Viewing Log Messages

    Procedure
      Step 1   From the AnyConnect home window, tap Menu > Diagnostics > Logging and System Information.

      AnyConnect retrieves its messages and displays them in the Messages, System and Debug windows.

      Step 2   Tap the Messages, System, or Debug tab to view log messages or system information.

      • Messages: Logs pertaining to AnyConnect activity.
      • System: Information related to memory, interface, route, filter, permissions, process, system properties, memory map, and unique device ID.
      • Debug: Logs used by administrators and Cisco Technical Assistance Center (TAC) to analyze AnyConnect issues.
      Step 3   Scroll the window to view all messages.

      Sending Log Messages

      Procedure
        Step 1   From the AnyConnect home window, tap Menu > Diagnostics > Logging and System Information.
        Step 2   Tap Send Logs.

        The log messages and all profile data are packaged into a .zip file and inserted into an e-mail message. Use the e-mail option to send the log files to your administrator if you are reporting a problem with AnyConnect. The problem statement and the steps to reproduce the problem must be specified before sending your log messages.

        Use Bluetooth to transmit locally. Bluetooth must first be enabled on both the sending and receiving devices.


        Clearing Debug Log Messages

        Procedure
          Step 1   From the AnyConnect home window, tap Menu > Diagnostics > Logging and System Information.
          Step 2   Tap Clear Debug Logs.

          Troubleshooting

          Common Problems

          I received a tun.ko error message

          A tun.ko module is required if it is not already compiled into the kernel. If it is not included on the device or compiled with the kernel, obtain or build it for your corresponding device kernel and place it in the /data/local/kernel_modules/ directory.

          I cannot edit/delete some connection entries

          Your administrator defined these connection entries in the AnyConnect Profile. See Viewing and Managing the AnyConnect profile for instructions on deleting these profiles.

          Connection timeouts and unresolved hosts

          Internet connectivity issues, a low-cell signal level, and a congested network resource are typical causes of timeouts and unresolved host errors. Try moving to an area with a stronger signal or use WiFi. If a Wi-Fi network is within reach, try using your device Settings app to establish a connection to it first. Retrying multiple times in response to timeouts often results in success.

          Certificate-based authentication does not work

          Check the validity and expiration of the certificate if you succeeded with it before. To do so, go to the AnyConnect home window, long-press the connection entry, and tap Certificate. The Certificates window lists all certificates. Long-press the certificate name and tap View Certificate Details. Check with your administrator to make sure that you are using the appropriate certificate for the connection.

          Error connecting, device working OK

          Ask your administrator if the VPN secure gateway is configured and licensed to permit mobile connections.

          Cannot connect to ASA, unresolvable host error

          Use an Internet browser to check the network connection. To verify network connectivity, go to https://vpn.example.com, where vpn.example.com is the URL of the VPN secure gateway.

          AnyConnect package fails to install from the Market

          Ensure that the device is listed as one of the Supported Android Devices.

          “Installation Error: Unknown reason -8”

          If you attempt to install a brand-specific AnyConnect package on devices that are not supported, they receive this message. Review the list of supported Android devices and instructions for installing or upgrading AnyConnect to download the proper AnyConnect package for your device.

          AnyConnect error, “Could not obtain the necessary permissions to run this application. This device does not support AnyConnect.”

          AnyConnect does not work on this device. Review the list of supported Android devices and instructions for installing or upgrading AnyConnect to download the proper AnyConnect package for your device.

          Cannot e-mail logs because of a network connectivity issue

          Try another Internet-accessible network. Save the log messages in a draft e-mail message if you do not have network connectivity or you need to reset the device.

          AnyConnect frequently connects by itself

          This may be due to your Trusted Network Detection / Automatic VPN Policy. Disable the TND application preference in the AnyConnect settings to turn this functionality off.

          Authentication using a one time password is not working

          Due to an Android issue, when pasting text from the clipboard, a space is inserted in front of the text. In AnyConnect, when copying text such as a one time password, the user has to delete this erroneous white space.

          Known Issues and Bugs

          This release has the following known issues and bugs:

          • AnyConnect blocks voice calls if it is sending or receiving VPN traffic over an EDGE connection because of the inherent nature of EDGE and other early radio technology.
          • Android security rules prevent the device from sending and receiving multimedia messaging service (MMS) messages while a VPN connection is up. Most devices and service providers display a notification if you try to send an MMS message while the VPN connection is up. Android permits sending and receiving of messages when the VPN is not connected.