Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Anyconnect sessions showing up as clientless vpn sessions

The group policy we are currently using for anyconnect is assigned to only use sslvpn client as the tunneling protocol. Whenever anyone connects directly from anyconnect it shows them as a clientless session. Any ideas on this? Needing this fast if anyone can help?

10 REPLIES
New Member

Re: Anyconnect sessions showing up as clientless vpn sessions

I'm seeing the same issue with a client- running ASA 8.2 code and latest AnyConnect. Did you get any answers on this?

New Member

Re: Anyconnect sessions showing up as clientless vpn sessions

I am running 8.0.3, I am on the phone with the TAC right now....

New Member

Re: Anyconnect sessions showing up as clientless vpn sessions

I was told I needed to upgrade for my anyconnect essentials license to work. So I upgrade to 8.2 last night, still not working, back to the TAC unless someone has any ideas?

New Member

Re: Anyconnect sessions showing up as clientless vpn sessions

After a call to the TAC again, I had to add this no statement to allow multiple ssl connections

run this:

sh run | include sessiondb

add a "no" to that, and now you will be allowed as many connections as your ASA can handle... i would give you the full command but I forgot it

Re: Anyconnect sessions showing up as clientless vpn sessions

The AnyConnect Essentials license provides basic VPN connectivity using AnyConnect only. With this license installed, clientless WebVPN and CSD will no longer function. I am assuming the command you were instructed to use was:

config t

webvpn

no anyconnect-essentials

By disabling the AnyConnect Essentials functionality, the ASA will revert to the previous license installed. If this is the default license, then SSL VPN will be restricted to 2 simultaneous connections.

Since upgrading to 8.2.1, are you still seeing the AnyConnect sessions showing under the clientless session count?

New Member

Re: Anyconnect sessions showing up as clientless vpn sessions

no i did not disable anyconnect-essentials i disabled the maximum ssl sessions, ys they still show up as clientless, but we can now run more than 2 sessions

New Member

Re: Anyconnect sessions showing up as clientless vpn sessions

here we go i reviewed my tac log..

removed this command:

vpn-sessiondb max-webvpn-session-limit 2

New Member

Re: Anyconnect sessions showing up as clientless vpn sessions

Hi,

I tried this but then my load balancing between the two asa's does not work anymore. All users connect then to the backup asa, de vpn % load remains 0 when I use this command.

When I enable the command the load balancing is restored.

Or is the problem that the SSL load is to small. So 1 % load is 50 users (5000 / 100 % = 50 users per 1 %). So I must have 50 users before I see any load? I am still testing but not with 50 persons I need to know this for sure.

I use the anyconnect client essential license so I could use 5000 users on my 5550 (have two). The field in max-webvpn-session is standard set to 10. I cannot increase the number. When I set it to 1 only one client can connect to one asa. So the essential license is not working I think

Is this a bug?

New Member

Re: Anyconnect sessions showing up as clientless vpn sessions

Ok this is what I found for my two ASA 5550 with anyconnect essentials.

When I try to change the max number of ssl connection (standard 10) ASDM says I must enter a number between 1 and 10.

When I push the command through the cli:

vpn-sessiondb max-webvpn-session-limit 100. And then refresh ASDM displays 100, the SSL load on the ASA's is then 1% for 1 client and so this works.

I will now test with more then 20 users to see if I get over the 10 + 10 standard licenses of both the ASA 5550.

Thx,

Marc

New Member

Anyconnect sessions showing up as clientless vpn sessions

Hi,

Any solution or explanation to this showing of clientless sessions while using anyconnect ?

I am using 8.3.2 and at my test environment the anyconnect connections show up like his :

Username: userX

Group Policy: SSL_VPN_POLICY

Connection Profile: ....

Assigned IP Address x.x.x.x

Public IP Address: y.y.y.y

Protocol Encryption: Clientless SSL-Tunnel DTLS-Tunnel RC4 AES128

1405
Views
0
Helpful
10
Replies
CreatePlease to create content