Joeri-Bos Wed, 06/24/2009 - 05:37

Hi Andrew,


Thats clear. But i want a different IP address. Is that possible?


Regards

Richard Burts Sun, 06/28/2009 - 15:58

Joeri Bos


I do not really understand what your problem is, and therefore do not know whether my suggestion is really a solution or not. But if you want the AnyConnect client to use an address different from the physical interface address of the ASA you might consider configuring the VPN clustering/load sharing feature. In configuring clustering you specify a virtual IP address and that is the address that the AnyConnect client uses to connect to.


Note that while the clustering feature is really intended for environments where there are multiple concentrators sharing an outside subnet (and an inside subnet) the feature will still work when there is only a single active concentrator.


hth


Rick

dschuckman1 Tue, 06/30/2009 - 20:53

Rick,


I do not believe that this response is totally correct. While you can enable the clustering feature and direct the VPN client to the cluster address, it actually still connects to the physical address of the interface... I know that at least from the IPSec client perspective you never actually create a connection to the virtual address.


Thanks,

David

Richard Burts Wed, 07/01/2009 - 00:17

David


As I said:"I do not really understand what your problem is, and therefore do not know whether my suggestion is really a solution or not." I understand that you do not agree with my suggestion. Until we get some clarification about what the real issue is I believe that my suggestion is as close as he can get to using a different address.


I suspect that you are correct and that there is not any way to use a different address. But till we understand better what the real issue is, my suggestion may be worth considering as a way for the client to use a different address.


HTH


Rick

Actions

This Discussion