cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
794
Views
0
Helpful
6
Replies

AnyConnect and Administration

aprather
Level 1
Level 1

Hi all,

So a couple of weeks ago I installed 64 bit Vista on all of my computers at the house.

I was then asked to do some work from home and when I went to install the VPN client, I realized that 64 bit is not supported.

I configured my ASA for Anyconnect support and was able to get logged in using the Anyconnect client.

The problem I have now is that I cannot get ASDM to work over this client in order to administer my ASA. What are the limitations of the Anyconnect client? I see more and more users going to 64 bit at home. Am I doing something wrong in not being able to use ASDM via Anyconnect?

Thanks!

6 Replies 6

andrew.prince
Level 10
Level 10

Try:-

http x.x.x.x y.y.y.y inside

make sure that the x.x.x.x subnet also contains the IP subnet range of the SSL VPN Client pool of addresses!

HTH>

In addition to my friend Andrew's suggestion you may need to add management-access in order to manage asa over ipsec tunnels including annyconnect.

http://www.cisco.com/en/US/docs/security/asa/asa80/command/reference/m.html#wp1987122

Regards

Jorge Rodriguez

Thank you for the replies.

I apologize, but I failed to mention that before upgrading to 64 bit Vista, I was able to administer the ASA via ASDM using the old VPN client.

So Im pretty sure everything is configured to work correctly through a VPN tunnel.

The only change was going from a normal VPN client on a 32 bit OS to the Anyconnect client on a 64 bit machine.

I tried the anyconnect on multiple machines and neither would allow me administration.

Thanks!

So Im pretty sure everything is configured to work correctly through a VPN tunnel.

Can you confirm that ? on asa u want to manage issue bellow.

show run | inc management

output of above should look management-access inside -> for asa5505 or management-access managemment for other asa5500 models

also confirm Adrews statement and ensure annyconnect tunnel group IP network is permitted

show run | inc http

can you ping the asa inside interface while vpn-in through annyconnect? can you atleast telnet to asa through inside interface?

Jorge Rodriguez

I may have in fact found my issue. I will update as soon as I get to my home or a spot where I can use VPN for testing.

Thanks!

Enabled SSL Anyconnect client on a test SSL connection on a ASA. Can connect and manage the device thru AnyConnect over the SSL.

If you have issues - your configuration is incorrect.

HTH>

Review Cisco Networking for a $25 gift card