I am encountering strange problem with anyconnect vpn. with multiple groups being given different ip address ranges, when user tries to connect, they get subnet mask & gateway which is actually the classful boundary address.
eg. if a user group needs to get ip from 192.168.0.33 - 96 range, they are seen getting ip from same range but the mask would be default to class c network /24 & gateway would appear as 192.168.0.1.
The authentication is via ACS and windows domain servers. ACS has groups created.
On the security appliance, you can configure authorization that addresses the variables of multiple group membership and endpoint security for VPN connections. There is no specific configuration of AnyConnect required to use dynamic access policies.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...