Cisco Support Community
Community Member

AnyConnect - Dynamic Access Policies not working

I am configuring AnyConnect and having trouble with DAP. Somehow the DAP is not matching. Even the simplest one of Operating System = Windows 7 did not work. The DAP testing tool too is not working as expected. It keeps on appending previous test parameters. Is there any simple way to check the DAP policy matches? I had seen "debug dap trace" but with few thousands of users I am not sure how the troubleshooting will work. I am new to ASA/AnyConnect. We are migrating from Juniper Secure Access to Cisco AnyConnect. I already have Cisco TAC open but engg too could not provide me convincing answers. After lof of trial errors, we saw one of them working. Before configuring production setup, I want to make sure I understand, configure and test all AnyConnect components.

VIP Purple

Re: AnyConnect - Dynamic Access Policies not working

One of the most common problems with DAP is that it's license-dependent. If you wan't to test on the OS of non-mobile-devices, you need the Advanced-Endpoint-assessment-license. For that to use you need AnyConnect Premium. Do you have that license installed?

Sent from Cisco Technical Support iPad App

Community Member

Re: AnyConnect - Dynamic Access Policies not working

Yes I do have Premium license. I can see Advance Host scan software selectable under Host Scan. This was also reviewed by TAC.

CreatePlease to create content