Script cisco anyconnect VPN connection

Unanswered Question
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
hadbou Thu, 06/19/2008 - 11:17

To minimize download time, the AnyConnect client requests downloads (from the security appliance) only of core modules that it needs for each feature that it supports. To enable new features, such as Start Before Logon (SBL), you must specify the module name using the svc modules command from group policy webvpn or username webvpn configuration mode:

[no] svc modules {none | value string}

The string for SBL is vpngina

whisperwind Mon, 07/14/2008 - 07:31

I have always set things like the vpn group / static ip address and such for users in the ASA CLI, specifically in the attributes section, see below:

username VPNUSER attributes

vpn-filter value VPN-GROUP

MARK BAKER Wed, 08/27/2008 - 09:42

The username should show the last username that was used. I'm not sure about the password though. I have the group assigned by a RADIUS attribute. I believe it is class 25. I actually had this already configured when using the VPN3000 and IPSec. Once I configured AnyConnect support it also was able to map the group using the already configured RADIUS attribute. I don't know if you are using RADIUS or not, but thought I would add this just in case. FYI..The user does not see a group selection box either. They are forced to the correct group transparently.

Gerard Roy Thu, 09/04/2008 - 13:38

Anyone get this to work? I need to script the vpncli.exe to connect and login without user intervention. Problem is I cannot pass the username and password to the vpncli.exe. It needs to be automated. The entire process would be to fire off vpn, login, fire off pcanywhere and download some files. Once complete close pcanywhere and then tear down vpn. Anyone has a script that does something similar?


This Discussion