IOS SSL VPN Configuration - AnyConnect

Unanswered Question
Aug 26th, 2012
User Badges:

Hi Guys,


I have finally been able to configure the Cisco IOS SSL VPN client after days of trial and error with random bits of information I can find... most of it seems to relate to ASA devices!


Anyway I have a few questions;

  • How do I deploy the profile through the router? I want to enable the connect before login option
  • My context doesnt appear to apply as a default context even though I have 1 context? So I have to add /gatekeeper to the end of the address
  • Is there a good chart showing whats available in the ASA vs IOS versions? Disappointed that items like Remote Desktop are removed in IOS


Andrew

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
jose.vieira525 Mon, 08/27/2012 - 12:19
User Badges:

Hi Matthew


Have you managed to get this fixed?


Sent from Cisco Technical Support iPad App

jose.vieira525 Tue, 08/28/2012 - 10:06
User Badges:

Hi Matthew


You have this document for configuring IOS SSL VPN using SDM


http://www.cisco.com/en/US/products/ps6496/products_configuration_example09186a008071c58b.shtml


Also this document provides more information but it's all CLI based


http://www.cisco.com/en/US/docs/ios-xml/ios/sec_conn_sslvpn/configuration/15-2mt/sec-conn-sslvpn-smart-tunnels-support.html


But for your above questions:


How do I deploy the profile through the router? I want to enable the connect before login option


1- Download the XML Anyconnect Profile from any client C:\Users\Default\AppData\Local\........

2- Change the XML File

true


Then follow the steps in the above document to upload this to IOS and enable the profile to be pushed to the clients


My context doesnt appear to apply as a default context even though I have 1 context? So I have to add /gatekeeper to the end of the address


When you confiure the context does it allow you to configure with only the IP address and no name?


e.g. https://xx.xx.xx.xx  and not https://xx.xx.xx.xx/admin


Is there a good chart showing whats available in the ASA vs IOS versions? Disappointed that items like Remote Desktop are removed in IOS

Not that i'm aware but if you Google you mind be able to find something but in the end of the day you should be using an ASA to provide Remote Access

thesupporthouse... Tue, 08/28/2012 - 20:02
User Badges:

Hi,


Thanks for the reply, I didnt notice the domain was causing the issue so I changed


gateway gateway_1 domain gatekeeper


to


gateway gateway_1


and it fixed that issue, however I couldnt find in the documentation on how to upload a AnyConnect profile?


I am also now having a issue when I type in the address direct into AnyConnect it wont connect, but if i connect through the website it connects


Andrew

Actions

This Discussion