Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

AnyConnect no IP

I am trying to configure AnyConnect and I used ASDM to configure it the first time.

My error is when AnyConnect tries to establish VPN it comes back with an error "No Assigned Address"

I pointed the Policy Group to the IP Pool and everything appears right in the config. ASA 5510 with version 8.03 and AnyConnect version 2.2

webvpn

enable outside

svc image disk0:/anyconnect-win-2.2.0140-k9.pkg 1

svc enable

group-policy default internal

group-policy default attributes

wins-server value 10.1.1.25 10.1.1.21

dns-server value 10.1.1.25 10.1.1.21

vpn-tunnel-protocol IPSec

split-tunnel-policy tunnelspecified

split-tunnel-network-list value default_splitTunnelAcl

default-domain value legalplans.com

split-dns value legalplans.com

group-policy DfltGrpPolicy attributes

webvpn

svc ask enable default webvpn timeout 10

file-entry disable

file-browsing disable

group-policy RemoteSSLGrp internal

group-policy RemoteSSLGrp attributes

wins-server value 10.1.1.25 10.1.1.21

dns-server value 10.1.1.25 10.1.1.21

vpn-tunnel-protocol svc webvpn

split-tunnel-policy tunnelspecified

split-tunnel-network-list value default_splitTunnelAcl

default-domain value legalplans.com

split-dns value legalplans.com

webvpn

url-list value Hyatt_Legal_Resources

svc dtls enable

svc ask enable default svc

username cisco password rSR3HnWu8SCJ8g2s encrypted privilege 15

tunnel-group DefaultRAGroup general-attributes

authentication-server-group RADIUS

tunnel-group DefaultWEBVPNGroup general-attributes

authentication-server-group RADIUS

tunnel-group default type remote-access

tunnel-group default general-attributes

address-pool ras

authentication-server-group RADIUS

default-group-policy default

tunnel-group default ipsec-attributes

pre-shared-key *

tunnel-group SSLvpn type remote-access

tunnel-group SSLvpn general-attributes

address-pool ras

authentication-server-group RADIUS

default-group-policy RemoteSSLGrp

2 REPLIES
New Member

Re: AnyConnect no IP

This isnt quite the fix but here is what I found out so far. During the setup wizard I created a connection profile called SSLvpn and made changes to that profile.

What I come to find out is that the system is actually strictly using the DfltGrpPolicy settings.

even if you look at the config above you will see Im trying to use the SSLvpn connection not the defaultgrppolicy.

Re: AnyConnect no IP

How are the users selecting the group to login? You need to define a way, group-url, tunnel drop down etc. Have a look at this:

http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a00808bd83d.shtml

Regards

Farrukh

200
Views
0
Helpful
2
Replies
CreatePlease to create content