Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

SSL VPN not login in via other group URL

Hi All, 

 

I am trying configure URL for SSL VPN management access only. I have created 2 profiles, one for users and the other for management. I can select each profile from the drop down and they work fine. However if I want a different URL for one of the profiles for example:

https://SSL_VPN_USER/Management

 

It keeps taking me back to https://SSL_VPN_USER/ instead of login me in. But if I instead make the same profile as an option on the drop down of https://SSL_VPN_USER/ it works fine. 

 

Any ideas what I am doing wrong? 

 

Kind Regards

 

Zee

 

 

 

Everyone's tags (1)
2 REPLIES
Cisco Employee

Hi Zee,Please confirm you

Hi Zee,

Please confirm you have enabled the group-url using following command:-
      tunnel-group <tunnel_group_name> webvpn-attributes
        group-url https://X.X.X.X/URL enable

If that is present , please share the relevant configuration from ASA including connection profile and group-policy that the user connects with.

Regards,
Dinesh Moudgil

P.S. Please rate helpful posts.

New Member

Hi Dinesh, Thanks for your

Hi Dinesh, 


Thanks for your response. Yes it is enabled. Just to clarify :

https://SSL_VPN_USER/ - this URL is for users

https://SSL_VPN_USER/Management - This URL is for management

 

When we access the https://SSL_VPN_USER/Management URL it takes us to the same URL as https://SSL_VPN_USER/ . BUT the GUI is different for each one. When we put in our credentials (Which uses ACS/RSA for verification) it fails and goes to the GUI login page of https://SSL_VPN_USER/ and has a message saying "login failed." even though I was at the GUI login page for https://SSL_VPN_USER/Management; so the login isn't even working. However if I put the https://SSL_VPN_USER/Management as a drop down option the login details via RSA work!

 

The details are below:

 

 

access-list inside_acl extended permit ip object NETADMIN-1 any 
access-list cap extended permit ip host 19.17.15.6 any 
access-list cap extended permit ip any any 
access-list inbound extended permit icmp any any 
access-list inside_access_in extended permit icmp any any 
access-list inside_access_in extended permit tcp object-group OtherSite-IPS object-group CISCO_sig eq www inactive 
access-list inside_access_in extended permit tcp object-group OtherSite-IPS object-group CISCO_sig eq https 
access-list inside_access_in extended permit ip object-group leg_ACCESS object Corporate-VPN-OtherSite-IPRange 
access-list inside_access_in extended permit ip object-group inside_network object Corporate-VPN-OtherSite-IPRange 
access-list inside_access_in extended permit tcp host 12.12.12.12 host 90.215.98.6 eq telnet inactive 
access-list inside_access_in extended permit tcp host 192.168.32.86 object-group blackberry_rim_servers eq 3121 inactive 
access-list inside_access_in extended permit tcp host 192.168.40.98 object-group blackberry_rim_servers eq 3121 inactive 
access-list inside_access_in extended permit ip object-group leg_ACCESS 192.168.55.224 255.255.255.248 
access-list inside_access_in extended permit ip object IM&T-Management-Range 192.168.55.224 255.255.255.248 
access-list inside_access_in extended permit ip object-group inside_network 192.168.55.224 255.255.255.248 
access-list inside_access_in extended permit ip object-group Domain_Controllers 192.168.55.224 255.255.255.248 
access-list inside_access_in extended permit ip object-group SNMP_server object-group grave_Grove_Datarange inactive 
access-list inside_access_in extended permit ip object-group SNMP_server object-group grave_Grove_WAASRange inactive 
access-list inside_access_in extended permit ip object-group leg_ACCESS object grave_Grove-Internal_120 inactive 
access-list inside_access_in extended permit ip object-group inside_network object grave_Grove-Internal_120 inactive 
access-list inside_access_in extended permit ip object-group Domain_Controllers object grave_Grove-Internal_120 inactive 
access-list inside_access_in extended permit ip object-group TheSite_SCCM object Corporate-VPN-OtherSite-IPRange 
access-list inside_access_in extended permit ip object-group TheSite_SCCM 192.168.55.128 255.255.255.224 
access-list inside_access_in extended permit ip object-group TheSite_SCCM 192.168.55.224 255.255.255.248 
access-list inside_access_in extended permit ip object-group WAAS_Traffic_internal object-group grave_Grove_WAASRange inactive 
access-list inside_access_in extended permit ip object-group Domain_Controllers object Corporate-VPN-OtherSite-IPRange 
access-list inside_access_in extended permit udp object-group SNMP_server any eq snmp 
access-list inside_access_in extended permit tcp object-group SNMP_server any eq ssh 
access-list inside_access_in extended permit ip object-group leg_ACCESS object-group rose_Cottage_Datarange inactive 
access-list inside_access_in extended permit ip object-group Domain_Controllers object-group rose_Cottage_Datarange inactive 
access-list inside_access_in extended permit ip object-group inside_network object-group rose_Cottage_Datarange inactive 
access-list inside_access_in extended permit tcp object-group DM_INLINE_NETWORK_3 object-group DM_INLINE_NETWORK_7 eq ssh 
access-list inside_access_in extended permit ip object BMS_RANGE object-group DM_INLINE_NETWORK_2 
access-list inside_access_in extended permit ip object-group leg_ACCESS object Vpn-Tester-Internal 
access-list inside_access_in extended permit ip object-group Domain_Controllers object Vpn-Tester-Internal 
access-list inside_access_in extended permit ip object-group inside_network object Vpn-Tester-Internal 
access-list inside_access_in extended permit udp object-group Trust-IP-Rages-AllSites object Corporate-VPN-OtherSite-IPRange 
access-list inside_access_in extended permit ip object-group Domain_Controllers object Anyconnect-IPRange 
access-list inside_access_in extended permit ip object-group TheSite_SCCM object Anyconnect-IPRange 
access-list inside_access_in extended permit ip object-group  sophos object Anyconnect-IPRange 
access-list inside_access_in extended permit ip object-group DM_INLINE_NETWORK_4 object-group DM_INLINE_NETWORK_8 
access-list inside_access_in extended permit ip object-group OtherSite-VPN-Traffic object BrendaRoad-IPRange 
access-list inside_access_in extended permit ip object  SOPHOS02 object IM&T-Mgmt-Anyconnect-Range 
access-list nonat extended permit ip object-group inside_network object Corporate-VPN-OtherSite-IPRange 
access-list nonat extended permit ip object-group leg_ACCESS object Corporate-VPN-OtherSite-IPRange 
access-list nonat extended permit ip host 12.129.78.5 object Corporate-VPN-OtherSite-IPRange 
access-list nonat extended permit ip object-group TheSite_SCCM object Corporate-VPN-OtherSite-IPRange 
access-list nonat extended permit ip object-group Domain_Controllers object Corporate-VPN-OtherSite-IPRange 
access-list VPN_Sites standard permit 192.168.55.128 255.255.255.224 
access-list VPN_Sites standard permit 192.168.55.224 255.255.255.224 
access-list outside_access_in extended permit icmp any any 
access-list outside_access_in extended permit ip object PenTest_Servers-MTI any inactive 
access-list outside_access_in extended permit ip object Corporate-VPN-OtherSite-IPRange object-group inside_network 
access-list outside_access_in extended permit ip object Corporate-VPN-OtherSite-IPRange object-group leg_ACCESS 
access-list outside_access_in extended permit tcp host 90.215.98.6 host 12.12.12.12 eq telnet inactive 
access-list outside_access_in extended permit tcp host 90.215.98.6 host 90.219.231.129 eq telnet inactive 
access-list outside_access_in extended permit udp any any eq isakmp inactive 
access-list outside_access_in extended permit esp any any inactive 
access-list outside_access_in extended permit tcp object-group blackberry_rim_servers host 192.168.32.86 eq 3121 inactive 
access-list outside_access_in extended permit tcp object-group blackberry_rim_servers host 192.168.40.98 eq 3121 inactive 
access-list outside_access_in extended permit ip 192.168.55.224 255.255.255.248 object-group leg_ACCESS 
access-list outside_access_in extended permit ip 192.168.55.224 255.255.255.248 object-group Domain_Controllers 
access-list outside_access_in extended permit ip 192.168.55.224 255.255.255.248 object IM&T-Management-Range 
access-list outside_access_in extended permit ip 192.168.55.224 255.255.255.248 object-group inside_network 
access-list outside_access_in extended permit ip 192.168.55.128 255.255.255.224 object-group leg_ACCESS 
access-list outside_access_in extended permit ip 192.168.55.128 255.255.255.224 object-group Domain_Controllers 
access-list outside_access_in extended permit ip 192.168.55.128 255.255.255.224 object IM&T-Management-Range 
access-list outside_access_in extended permit ip 192.168.55.128 255.255.255.224 object-group inside_network 
access-list outside_access_in extended permit tcp object Corporate-VPN-OtherSite-IPRange object DX_Expense_website eq https 
access-list outside_access_in extended permit ip object-group grave_Grove_Datarange object-group leg_ACCESS inactive 
access-list outside_access_in extended permit ip object-group grave_Grove_Datarange object-group Domain_Controllers inactive 
access-list outside_access_in extended permit ip object-group grave_Grove_Datarange object-group inside_network inactive 
access-list outside_access_in extended permit ip object-group grave_Grove_WAASRange object-group WAAS_Traffic_internal inactive 
access-list outside_access_in extended permit ip object Corporate-VPN-OtherSite-IPRange object-group TheSite_SCCM inactive 
access-list outside_access_in extended permit ip 192.168.55.128 255.255.255.224 object-group TheSite_SCCM inactive 
access-list outside_access_in extended permit ip 192.168.55.224 255.255.255.248 object-group TheSite_SCCM inactive 
access-list outside_access_in extended permit ip object Corporate-VPN-OtherSite-IPRange object-group Domain_Controllers 
access-list outside_access_in extended permit ip object-group rose_Cottage_Datarange object-group leg_ACCESS inactive 
access-list outside_access_in extended permit ip object-group rose_Cottage_Datarange object-group Domain_Controllers inactive 
access-list outside_access_in extended permit ip object-group rose_Cottage_Datarange object-group inside_network inactive 
access-list outside_access_in extended permit tcp 192.168.55.224 255.255.255.248 object DX_Expense_website eq https 
access-list outside_access_in extended permit tcp 192.168.55.128 255.255.255.224 object DX_Expense_website eq https 
access-list outside_access_in extended permit tcp object-group grave_Grove_Datarange object DX_Expense_website eq https inactive 
access-list outside_access_in extended permit tcp object-group rose_Cottage_Datarange object DX_Expense_website eq https inactive 
access-list outside_access_in extended permit ip object rose_Cottage_BMS-Net object s-BMS-Server_01 inactive 
access-list outside_access_in extended permit ip object Anyconnect-IPRange object-group Domain_Controllers 
access-list outside_access_in extended permit ip object Anyconnect-IPRange object-group inside_network 
access-list outside_access_in extended permit udp object Anyconnect-IPRange object-group Trust-IP-Rages-AllSites 
access-list outside_access_in extended permit ip object rose_Cottage_BMS-Net object-group s-BMS-Router_ALL inactive 
access-list outside_access_in extended permit ip object-group DM_INLINE_NETWORK_5 object-group DM_INLINE_NETWORK_1 
access-list outside_access_in extended permit ip object BrendaRoad-IPRange object-group OtherSite-VPN-Traffic 
access-list outside_access_in extended permit ip object RossiterRoad-IPRange object-group OtherSite-VPN-Traffic 
access-list outside_access_in extended permit ip object IM&T-Mgmt-Anyconnect-Range object s-Server-Mgmt-Range 
access-list outside_access_in extended permit ip object IM&T-Mgmt-Anyconnect-Range object-group inside_network 
access-list outside_access_in extended permit ip object IM&T-Mgmt-Anyconnect-Range object-group Trust-IP-Rages-AllSites 
access-list outside_access_in extended permit ip object IM&T-Mgmt-Anyconnect-Range object IM&T-Management-Range 
access-list grave-Grove-net extended permit ip object-group grave_VPN_Traffic object-group grave_Grove_Datarange inactive 
access-list grave-Grove-net extended permit ip object-group WAAS_Traffic_internal object-group grave_Grove_WAASRange inactive 
access-list rose-Cottage-net extended permit ip object-group roseCot_VPN_Traffic object-group rose_Cottage_Datarange inactive 
access-list rose-Cottage-net extended permit ip object s-BMS-Server_01 object rose_Cottage_BMS-Net inactive 
access-list rose-Cottage-net extended permit ip object-group s-BMS-Router_ALL object rose_Cottage_BMS-Net inactive 
access-list Redwood-Net extended permit ip object-group DM_INLINE_NETWORK_6 object Redwood_BMS 
access-list Tester_VPN-net extended permit ip object-group Tester_VPN_Traffic object Vpn-Tester-Internal 
access-list Corporate-IPSEC-VPN-Access extended permit ip object Corporate-VPN-OtherSite-IPRange object-group inside_network 
access-list Corporate-IPSEC-VPN-Access extended permit udp object Corporate-VPN-OtherSite-IPRange object-group Trust-IP-Rages-AllSites 
access-list Anyconnect_access_in extended permit udp object Anyconnect-IPRange object-group Trust-IP-Rages-AllSites 
access-list Anyconnect_access_in extended permit ip object Anyconnect-IPRange object-group inside_network 

access-list IM&T_Anyconnct_access extended permit ip object IM&T-Mgmt-Anyconnect-Range object-group Third_Line-Network inactive 
access-list IM&T_Anyconnct_access extended permit ip object IM&T-Mgmt-Anyconnect-Range object IM&T-Management-Range 
access-list IM&T_Anyconnct_access extended permit ip object IM&T-Mgmt-Anyconnect-Range object-group inside_network 
access-list IM&T_Anyconnct_access extended permit ip object IM&T-Mgmt-Anyconnect-Range object s-Server-Mgmt-Range 
access-list IM&T_Anyconnct_access extended permit ip object IM&T-Mgmt-Anyconnect-Range object-group Trust-IP-Rages-AllSites 

logging monitor warnings
logging buffered informational
logging trap informational
logging history warnings
logging asdm informational
logging mail mobile-users
logging from-address mobileusers@TheSite-tr.aid
logging recipient-address networkadmin@TheSite-tr.aid level informational
logging device-id hostname
logging host inside  ncm01
mtu outside 1500
mtu inside 1500
mtu management 1500
ip local pool CorporateNet 12.214.64.1-12.214.64.250 mask 255.255.255.0
ip local pool Anyconnect-User-pool 12.147.149.1-12.147.149.125 mask 255.255.255.128
ip local pool IM&T-Mgmt-Anyconnect-pool 12.199.52.33-12.199.52.62 mask 255.255.255.224
no failover
icmp unreachable rate-limit 1 burst-size 1
icmp deny any echo-reply outside
asdm image disk0:/asdm-715-120.bin
no asdm history enable
arp timeout 14400
no arp permit-nonconnected
nat (inside,outside) source dynamic Net_Admin_PC Net_Admin-PAT destination static TheSite_VPN-External TheSite_VPN-External
nat (inside,outside) source static any any destination static NETWORK_OBJ_12.214.64.0_24 NETWORK_OBJ_12.214.64.0_24 no-proxy-arp route-lookup inactive
nat (inside,outside) source dynamic OtherSite-IPS outside_PAT destination static CISCO_sig CISCO_sig
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
!
route-map anyconnect permit 12
 match ip address ippool
!
route-map VPN_Sites_backup permit 12
 match ip address VPN_Sites
!
!
router ospf 1 
 network 172.16.11.128 255.255.255.128 area 30
 log-adj-changes
 redistribute connected subnets
 redistribute static subnets route-map anyconnect
!
route outside 0.0.0.0 0.0.0.0 90.219.231.97 1
route management 192.168.34.1 255.255.255.255 192.168.215.203 1
route outside 192.168.36.64 255.255.255.240 90.219.231.97 1
route outside 192.168.55.224 255.255.255.248 90.219.231.97 1
timeout xlate 3:00:00
timeout pat-xlate 0:00:30
timeout conn 1:00:00 half-closed 0:12:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:12:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
timeout floating-conn 0:00:00
dynamic-access-policy-record DfltAccessPolicy
aaa-server acs-server protocol tacacs+

aaa-server acs-server (inside) host sacs01
 key *****
aaa-server RSA protocol radius
aaa-server rsa protocol radius
aaa-server rsa (inside) host rsa02-v
 key *****
 authentication-port 1812
 accounting-port 1813

aaa-server rsa (inside) host OtherSitersa01-v
 key *****
 authentication-port 1812
 accounting-port 1813
user-identity default-domain LOCAL
aaa authentication http console acs-server LOCAL
aaa authentication ssh console acs-server LOCAL
http server enable
http 192.168.34.0 255.255.255.0 management
http 192.168.34.0 255.255.255.0 inside
snmp-server group GrpNETADMIN v3 priv 
snmp-server user netadmin GrpNETADMIN v3 encrypted auth md5 1b:17:a2:e4:32:b5:b4:gf:e4:ae:8a:e0:f0:8d:af:8a priv aes 128 1a:17:a2:e4:32:d5:b4:bf:e4:ee:8a:e0:e0:8d:4f:8a 
snmp-server host inside  ncm01 version 3 netadmin
snmp-server location OtherSiteworth Hospital (ID:14053))
snmp-server contact TheSite-NetAdmin
snmp-server enable traps snmp authentication linkup linkdown coldstart
snmp-server enable traps entity config-change fru-insert fru-remove
snmp-server enable traps memory-threshold
no sysopt connection permit-vpn
crypto ipsec ikev1 transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac 
crypto ipsec ikev1 transform-set ESP-DES-SHA esp-des esp-sha-hmac 
crypto ipsec ikev2 ipsec-proposal DES
 protocol esp encryption des
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal 3DES
 protocol esp encryption 3des
 protocol esp integrity sha-1 md5
crypto ipsec ikev2 ipsec-proposal AES
 protocol esp encryption aes
 protocol esp integrity sha-1 md5

crypto ipsec security-association lifetime seconds 3600
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set ikev2 ipsec-proposal AES256 AES192 AES 3DES DES
crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 set security-association lifetime seconds 28800
crypto map outside_map 200 set ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA ESP-3DES-MD5 ESP-DES-SHA ESP-DES-MD5
crypto map outside_map 200 set ikev2 ipsec-proposal AES256
crypto map outside_map 212 match address kingston-AnE-net
crypto map outside_map 212 set peer 81.133.221.196 
crypto map outside_map 212 set ikev1 transform-set esp-aes-256 esp-aes
crypto map outside_map 212 set security-association lifetime seconds 28800
crypto map outside_map 65535 ipsec-isakmp dynamic SYSTEM_DEFAULT_CRYPTO_MAP


crypto ca trustpoint _SmartCallHome_ServerCA
 crl configure
crypto ca trustpoint  DC02-Root
 enrollment terminal
 crl configure
crypto ca trustpoint ASDM_TrustPoint0
 enrollment terminal
 fqdn SSL_VPN_USER
 subject-name CN=SSL_VPN_USER,OU=IMT Department,O=TheSite,C=GB,St=London,L=clapman
 ip-address 90.219.231.99
 keypair Management
 crl configure
crypto isakmp identity address 

 authentication pre-share
 encryption des
 hash md5
 group 1
 lifetime 86400
crypto ikev1 policy 5
 authentication pre-share
 encryption aes
 hash md5
 group 5      
 lifetime 86400

telnet timeout 60
ssh 192.168.34.0 255.255.255.0 inside
ssh 192.168.34.0 255.255.255.0 management
ssh  ncm01 255.255.255.255 management
ssh timeout 60
ssh version 2
ssh key-exchange group dh-group1-sha1
console timeout 15
management-access management
dhcpd address 192.168.215.1-192.168.215.240 management
!
threat-detection basic-threat
threat-detection statistics access-list
no threat-detection statistics tcp-intercept
ntp server 12.120.1.252
ssl server-version tlsv1-only
ssl client-version tlsv1-only
ssl encryption rc4-sha1 aes256-sha1
ssl trust-point ASDM_TrustPoint0 outside
webvpn
 enable outside
 anyconnect image disk0:/anyconnect-win-3.1.05152-k9.zip 1
 anyconnect image disk0:/anyconnect-macosx-i386-3.1.04074-k9.pkg 2
 anyconnect profiles IM&T-Anyconnect disk0:/im&t-anyconnect.xml
 anyconnect profiles TheSite-Anyconnect_client_profile disk0:/TheSite-Anyconnect_client_profile.xml
 anyconnect enable
 tunnel-group-list enable
group-policy DfltGrpPolicy attributes
 vpn-tunnel-protocol ikev1 l2tp-ipsec 
group-policy IKEv2GrpPolicy internal
group-policy IKEv2GrpPolicy attributes
 vpn-tunnel-protocol ikev1 ikev2 
group-policy IM&T-Anyconnect-Policy internal
group-policy IM&T-Anyconnect-Policy attributes
 wins-server value 12.199.52.212 192.168.32.12
 dns-server value 12.199.52.212 192.168.32.12
 vpn-simultaneous-logins 1
 vpn-filter value IM&T_Anyconnct_access
 vpn-tunnel-protocol ssl-client 
 default-domain value xTheSite-tr.aid
 address-pools value IM&T-Mgmt-Anyconnect-pool
 webvpn
  anyconnect ssl dtls enable
  anyconnect dtls compression lzs
  anyconnect profiles value IM&T-Anyconnect type user
  anyconnect ask none default webvpn
  customization value IM&T-Anyconnect-Portal
group-policy GroupPolicy_TheSite-Anyconnect internal
group-policy GroupPolicy_TheSite-Anyconnect attributes
 wins-server none
 dns-server value 12.199.52.212 192.168.32.12
 vpn-simultaneous-logins 1
 vpn-filter value Anyconnect_access_in
 vpn-tunnel-protocol ssl-client 
 default-domain value xTheSite-tr.aid
 address-pools value Anyconnect-User-pool
 webvpn
  anyconnect ssl dtls enable
  anyconnect dtls compression lzs
  anyconnect profiles value TheSite-Anyconnect_client_profile type user
  anyconnect ask none default webvpn
  customization value Anyconnect-Portal
group-policy GroupPolicy2 internal
group-policy GroupPolicy2 attributes
 vpn-tunnel-protocol ikev1 
group-policy GroupPolicy1 internal
group-policy GroupPolicy1 attributes
 vpn-tunnel-protocol ikev1 
group-policy netadmin internal
group-policy netadmin attributes
 dns-server value 192.168.32.12
 vpn-tunnel-protocol l2tp-ipsec 
 default-domain value xTheSite-tr.aid
group-policy Corporate_Business internal
 wins-server value 192.168.34.12
 dns-server value 12.19.2.12 192.168.34.11
 vpn-simultaneous-logins 1
 vpn-idle-timeout none
 vpn-session-timeout none
 vpn-filter value Corporate-IPSEC-VPN-Access
 vpn-tunnel-protocol ikev1 l2tp-ipsec 
 address-pools value CorporateNet
 smartcard-removal-disconnect disable
username TheSite password asbkjsabfjk encrypted
username cisco password ajksdfkjhsf encrypted privilege 0
username cisco attributes
 vpn-group-policy netadmin
tunnel-group Corporate_Business type remote-access
tunnel-group Corporate_Business general-attributes
 address-pool CorporateNet
 authentication-server-group rsa
 default-group-policy Corporate_Business
 username-from-certificate use-entire-name
tunnel-group Corporate_Business ipsec-attributes
 ikev1 pre-shared-key *****

tunnel-group IM&T-Anyconnect type remote-access
tunnel-group IM&T-Anyconnect general-attributes
 address-pool IM&T-Mgmt-Anyconnect-pool
 authentication-server-group rsa
 authentication-server-group (inside) rsa
 default-group-policy IM&T-Anyconnect-Policy
tunnel-group IM&T-Anyconnect webvpn-attributes
 customization IM&T-Anyconnect-Portal
 proxy-auth sdi
 group-alias IM&T disable
 group-url https://SSL_VPN_USER/IMT enable
 dns-group DNS-Servers


tunnel-group TheSite-Anyconnect type remote-access
tunnel-group TheSite-Anyconnect general-attributes
 address-pool Anyconnect-User-pool
 authentication-server-group rsa
 default-group-policy GroupPolicy_TheSite-Anyconnect
tunnel-group TheSite-Anyconnect webvpn-attributes
 customization Anyconnect-Portal
 group-alias TheSite-Anyconnect enable
 dns-group DNS-Servers

 

96
Views
0
Helpful
2
Replies
CreatePlease login to create content