cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1067
Views
0
Helpful
3
Replies

Anyconnect connects usign IP address but not registered DNS address

Computerwiz24
Level 1
Level 1

Hello,

I have a anyconnect vpn setup which works fine as long as I'm connecting using the IP address and port number. I have recently bought a domain and setup a sub domain for example vpn.company.com now redirects to my IP XXX.XXX.XXX.XXX: <port number>  If i put the sub domain in a web browser it will go to the login page but when i try it on anyconnect still just times out? Anybody ever seen this?

Thank you

3 Replies 3

Rahul Govindan
VIP Alumni
VIP Alumni

It could do with the SSL version support on the browser vs the client. If you are using the same FQDN and port, the behavior should ideally be the same. What is the version of the ASA and Anyconnect client? Also what ssl parameters are set up on the ASA? A "show run all ssl" should give you this information.

Currently the ASA is running version 9.2 with ASDM 7.6 and anyconnect version 4.2.02075  

Here's the SSL info 

asa# sh run all ssl
ssl server-version tlsv1
ssl client-version tlsv1-only
ssl encryption rc4-sha1 dhe-aes128-sha1 dhe-aes256-sha1 aes128-sha1 aes256-sha1 3des-sha1 null-sha1
ssl trust-point ASDM_TrustPoint1 outside
ssl certificate-authentication fca-timeout 2

Thank you for the help 

Computerwiz24
Level 1
Level 1

Maybe i have the domain set up incorrectly. I bought a domain  (ex: company.com) and made an A record to point to my public IP. I then made a subdomain (ex: vpn) and pointed it to https:"public IP'."port" since im not using the standard 443 port. So now i should be able to use vpn.company.com on my anyconnect client.  Is this correct?

Thank you

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: