06-11-2009 05:22 PM
Hi,
I currently have a WebVPN + AnyConnect setup on a 871 router working #1. I am able to give out ip's from my own dhcp pool, a feature I greatly appreciate. Since my network is also v6-compliant and most of my stuff is transferred, how would I go to give out my prefix and RA through the VPN? My router is already setup for v6, the only thing I need to do is to tell it to AnyConnect.
Here is my setup:
ip dhcp excluded-address 192.168.1.1 192.168.1.100
!
ip dhcp pool lan
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
domain-name xxxx.net
dns-server 24.xxx.xxx.xx
!
interface Vlan10
description $FW_INSIDE$
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ipv6 address 2001:xxx:xxx:1::1/64
ipv6 enable
!
ip local pool sslclients 192.168.1.80 192.168.1.90
webvpn gateway gateway_1
ip address 69.xx.xx.xx port 443
ssl trustpoint TP-self-signed-506703934
inservice
!
webvpn install svc flash:/webvpn/svc_1.pkg sequence 1
!
webvpn context sslvpn
secondary-color white
title-color #CCCC66
text-color black
ssl authenticate verify all
!
!
policy group policy_1
functions svc-enabled
svc address-pool "sslclients"
svc keep-client-installed
svc split include 192.168.1.0 255.255.255.0
default-group-policy policy_1
aaa authentication list sdm_vpn_xauth_ml_1
gateway gateway_1 domain sslvpn
inservice
!
So basically, I would like to hand out addresses from my 2001:xxx:xxx:1::1/64 pool (it is also a routable /48)
Any help appreciated.
06-12-2009 01:08 PM
This is not currently supported. Please refer to the restrictions section of the below doc.
http://www.cisco.com/en/US/docs/ios/12_4t/12_4t11/htwebvpn.html#wp1053807
06-12-2009 03:22 PM
Thank you for your reply, do you know if it will be supported in the near future?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: