We are using cisco any connect VPN and want to perfom patching this month using the microsoft article for VPN connected clients.I tried to test the same but patches are not getting downloaded.Any one tested with cisco any connect vpn
Question
Nemita Roosa 
Leave an answer
Sorry, you do not have permission to answer to this question .
Answers ( 4 )
You need to check with your network team to know about the traces.. May be you can do netstat command from your affected machine.
I assume you are referring to Microsoft method is split tunneling.. if you still keep your deployments to reach to WU/MU to download updates then check at your proxy level. Nowadays proxy like Zscaler can still monitor and block traffic even users at home through Zscaler ZAPP. Any exceptions/whitelisting to contact Microsoft updates.
If you allow CM clients to contact SCCM DP (VPN boundary) then still Network Traces should help you.
What does Client logs says DTS, CTS, CAS, etc.,
I think using split tunnel and configure updates to check with MS should be straight forward and it works.
We are using Cisco AnyConnect VPN with Split-Tunnel in my org. No issues with patching.
How is your SCCM server configured? Using IBCM or CMG? Did you configure updates to check with Microsoft?
Kannan recently did a session on this recently and talked about the VPN connected clients too.
We are using IBCM server and checked with Microsoft and they’re saying we cannot get patches when devices are connected to cisco vpn.strange reply so thought to check here