Is it possible to setup a switchport as a passthrough Cisco AnyConnect

netadminstrator · ‎07-23-2023

With the sample diagram above:

Red line = Internet Access

Blue Line = Port that setup to use by End user

Light Green = Ports allocated for VPN

Green Line = Active connection to a remote Cisco AnyConnect VPN Server

Is this do-able?

pieterh · ‎07-24-2023

I do not understand your question completely?

but what I think will answer your question is segmenting your network using VLAN's + subnetting
- red: vlan 10 / 10.0.10.0/24 will, for clients then only need internet access
- blue vlan20 / 10.0.20.0/24 separate network for end users
green/light green: vlan 30 / 10.0.30.0/24 vlan to separate VPN clients
this can be done on a manageable L2 switch where you can configure VLAN's

you can keep those networks completely separate
but if you do need traffic between them in the future, you can add a router with AccessList to allow specific trafic
if the switch hat L3 capabilities, this may be done in a single device
if no L3 capabilities you will need to add a router to forward packets between the vlan's

netadminstrator · ‎07-24-2023

Hi

I want to say, allocate ports from 6-10 to access a pre-loggin VPN that is hosted by Cisco anyconnect at a remote server.

So when a user connects to port 6 of the switch its automatically in the vpn so essentially the ports are pre-configured as vpn.

So i dont need a client, and the switch port will be the client.