we have two ASA 5510s one in 8.4(4) and one in 8.2(5) in a site-to-site VPN setup. All internal traffic is working smoothly. Site/Subnet A: 192.100.0.0 – local (8.4(4)) Site/Subnet B: 192.200.0.0 – remote (8.2(5)) VPN Users: 192.100.40.0 – assigned by ASA When you VPN into the network, all traffic hits Site A, and everything on subnet A is accessible. Site B however, is completely inaccessible for VPN users. All machines on subnet B, the [...]

I have a Cisco 3800 with Advanced IP Services running version 12.4(13r). For a client to VPN in using AnyConnect, it looks like I use the webvpn config options (SSL VPN). I followed one of the tutorials (e.g. cisco ssl vpn). Is this the same setup to allow connections from the AnyConnect app on Android devices? Do I need a separate license? Newer version of IOS? I get an error when trying to connect with [...]

There are plenty of tutorials on setting up AnyConnect on an ASA unit, and a handful of links noting that IOS 12.4(15) and later support AnyConnect, but I can’t seem to find any good documentation about how to setup AnyConnect on IOS; most tutorials assume you only want a clientless VPN on IOS. the best I’ve found is this document on Cisco’s site, but it’s not working for me in practice – see below. This [...]

AnyConnect works fine with Windows XP. On Ubuntu Linux 9.10 32 bit, I downloaded anyconnect-linux-2.4.0202-k9.tar.gz, installed it, and tried to connect to the same ASA firewall. It failed with: >> state: Connecting >> notice: Establishing VPN session… >> error: AnyConnect package unavailable or corrupted. Contact your system administrator. >> notice: Connection attempt has failed. >> state: Disconnected >> state: Disconnected Then I downloaded anyconnect-linux-2.4.0202-k9.pkg from cisco.com and installed it on the ASA’s flash: foobar# show [...]

Does anyone have experience with configuring Cisco AnyConnect VPN? We have a problem with client DNS name resolution when connected over VPN. To me, it looks as if the Cisco AnyConnect VPN client intercepts DNS queries from the clients. Can someone confirm that the AnyConnect VPN client in fact does this (intercepts DNS traffic)? Where is this configured on the VPN server? EDIT: Here’s how the routing table changes when I connect to the VPN: [...]

We have a Cisco ASA 5505 running version 7.2. The current config includes both a site-to-site VPN (ipsec-l2l) and a remote access VPN where users connect using the Cisco VPN client 5.0.06 (ipsec-ra). Because the cisco VPN client lacks support for Windows 7, 64 bit OSes and SBL on Vista we need to upgrade to the AnyConnect client, which means the ASA needs to be upgraded to version 8.X. I have two questions about this [...]

When i start the Cisco AnyConnect the client uses the IE proxy definitions, does anyone knows a way to prevent this? Can i configure the client to “not use IE proxy definitions” ? thanks You can set that option in the AnyConnect Client Profile Proxy Support section: http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect24/administration/guide/ac03features.html#wp1069089 Check more discussion of this question. Bookmark on Delicious Digg this post Recommend on Facebook share via Reddit Share with Stumblers Tweet about it Print for later [...]