Solved: ASA anyconnect policy and default group policy

mahesh18 · ‎03-06-2014

hi everyone,

ASA is configured with anyconnect tunnel group and anyconnect group policy.

Anyconnect group policy for

simultaneous logins in ASDM shows check mark on Inherit

idle time-out in ASDM shows check mark on inherit

Default group policy or system default shows

simultaneous logins show 3

idlle time-out shows 30 mins

Need to understand that when we create anyconnect group policy and we click on inherit does it mean that it will take the value for that field from

default group policy?

Also as above default group policy shows that it has simultaneous logins for 3 and if i change simultaneous logins to 2 in anyconnect group policy

then anyconnect group policy will take preference over default group policy?

Also system default policy shows idle timeout of 30 mins does it mean that it will disconnect the anyconnect session after 30 mins?

Regards

Mahesh

jj27 · ‎03-06-2014

You are correct about the default group policy. If you assign a different simultaneous login to your group policy for the anyconnect profile then those settings will override the default group policy. Any setting changes you explicitly make to any group policy on the system will override what the default group policy has configured.

View solution in original post

jj27 · ‎03-06-2014

You are correct about the default group policy. If you assign a different simultaneous login to your group policy for the anyconnect profile then those settings will override the default group policy. Any setting changes you explicitly make to any group policy on the system will override what the default group policy has configured.

mahesh18 · ‎03-06-2014

Many thanks

Mahesh