Issues when connecting to remote network using Cisco AnyConnect

Last year I received a new business laptop. Too bad it was still deployed with Windows 7 Enterprise, since Windows 8 wasn’t available yet.

The situation
Because I’m a desktop guy I really wanted to run Windows 8 (when it arrived) on my laptop, so I decided to P2V my Windows 7 install. With Windows 8 I was able to run Hyper-V and run (whenever I needed to) my Windows 7 install from there.

A few weeks ago I upgraded my home lab to Windows Server 2012 R2 and installed Windows 8.1 Enterprise on my laptop. Because I also configured Direct Access on the environment and my (business) laptop is domain joined on my home lab, so I’m able to demonstrate all the nice new features, I decided to move my Windows 7 VHD to my home lab. I also upgraded the virtual machine to Windows 8.1, so far so good.

The issue
Too bad our internal IT department doesn’t have Direct Access in place (yet?), I have to setup a VPN connection to access company network resources from within the Windows 8.1 VHD. No problem you should say, but the current Cisco AnyConnect configuration doesn’t like being started from within an RDP session. I received the following error:


Since I’m connecting to this virtual machine from my business laptop (running Windows 8.1, domain joined to my home lab and connected through Direct Access), I could also use the Hyper-V Virtual Machine Connection to connect to the VM. Too bad this didn’t work….at first.

When you are running Windows 8.1 (or Server 2012 R2) on Hyper-V 3.1 and are using the Virtual Machine Connection to connect to the VM, by default Enhanced session is enabled. On the back ground you’re still making a RDP connection to that VM.


The Solution
When I disabled the Enhanced session and using a ‘real’ console connection to the VM, setting up a connection with Cisco AnyConnect worked like it should.

So when you’re running Windows 8.1 at Hyper-V 3.1 and receive the error mentioned above, just disable Enhanced session when trying to connect to a remote network using Cisco AnyConnect (or any other VPN software?), or just configure Direct Access….