06-24-2009 04:44 AM
Hi,
Is it possible to use a different ip address for anyconnect vpn. The 443 port is already in use at our outside interface.
Regards,
Joeri Bos
06-24-2009 05:23 AM
Yes - under your webvpn profile, you configure:-
port xxx
HTH>
06-24-2009 05:37 AM
Hi Andrew,
Thats clear. But i want a different IP address. Is that possible?
Regards
06-24-2009 05:43 AM
You cannot change the IP address of the webVPN on the interface you have enabled it on.
06-28-2009 03:58 PM
Joeri Bos
I do not really understand what your problem is, and therefore do not know whether my suggestion is really a solution or not. But if you want the AnyConnect client to use an address different from the physical interface address of the ASA you might consider configuring the VPN clustering/load sharing feature. In configuring clustering you specify a virtual IP address and that is the address that the AnyConnect client uses to connect to.
Note that while the clustering feature is really intended for environments where there are multiple concentrators sharing an outside subnet (and an inside subnet) the feature will still work when there is only a single active concentrator.
hth
Rick
06-30-2009 08:53 PM
Rick,
I do not believe that this response is totally correct. While you can enable the clustering feature and direct the VPN client to the cluster address, it actually still connects to the physical address of the interface... I know that at least from the IPSec client perspective you never actually create a connection to the virtual address.
Thanks,
David
07-01-2009 12:17 AM
David
As I said:"I do not really understand what your problem is, and therefore do not know whether my suggestion is really a solution or not." I understand that you do not agree with my suggestion. Until we get some clarification about what the real issue is I believe that my suggestion is as close as he can get to using a different address.
I suspect that you are correct and that there is not any way to use a different address. But till we understand better what the real issue is, my suggestion may be worth considering as a way for the client to use a different address.
HTH
Rick
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: