When we add our domain. our users can’t connect to the vpn. they get AnyConnect was not able to establish a connection to the specified secure gateway
That’s very vague, this could be a lot of things or entirely unrelated to Cloudflare.
I have not used AnyConnect much before, but if your endpoint is something like vpn.yourdomain.com, make sure the DNS Record for that subdomain is unproxied 
. Cloudflare’s normal proxy only supports HTTP Traffic.
yeah, it’s a little vague. IT habit I guess, not to give too much information for security. do you do the subdomain unproxied on Cloudflare?
In Cloudflare yes, In the dashboard, in your website/zone, DNS → Records, find the corresponding DNS Record for the VPN endpoint, and you can Edit it and turn off Proxied to make it DNS-only.
You do lose some of Cloudflare’s protections for that hostname doing this, as the IP would be publicly visible in the DNS / Requests would go directly to it instead of through Cloudflare, but without something like Spectrum Enterprise, Cloudflare’s Proxy only supports HTTP Traffic.
thanks a million Chaika. that worked. thanks.
2 Likes
This topic was automatically closed 15 days after the last reply. New replies are no longer allowed.