Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi awesome community! We have a bit of a challenge at the moment with our remote access VPN. Our setup is an always-on VPN using AnyConnect (cert based authentication) and we’re also using a management tunnel for pre-logon functionality. The tunne...
Hi awesome community! I'm really hoping that someone has a solution to this one - we're setting up a new 9800-40 controller for our corporate and guest wireless network. Once of the requirements is that we're able to AirPlay to devices that reside o...
Hi Everyone,
Bit of an odd question and to be honest I'm not actually sure it's possible. Essentially I'm trying to make AnyConnect complete a cert based authentication and authorization, the norm for this would be to use Machine Auth (from the loo...
Hi everyone,
We have a use case that's come through to us for implementation and we're struggling a bit and I wondered if anyone else had managed to do this.
Essentially we want to use AnyConnect on a Mobile Device (Specifically an iPad) and delive...
Hi folks,We're currently in the process of rolling out Anyconnect 4 with NAM and ISE agents to handle our 802.1x requirements. As part of this we're also interoperating with Anyconnect VPN on 5585-x firewalls to take advantage of the CoA on this plat...
Hey Kanan! The option to configure mDNS under an AP and nominate the VLAN's is still there on the 9800:I've not had a requirement to use this option just yet - I'm sure that will come as our 9800 estate expands. Kev
Thanks @Rob Ingram I thought this might be the case, I wanted to make sure that I’d not missed something obvious in terms of what we can offer from the VPN side. We’re migrating everyone away from the option to disconnect from our VPN, so it’s been ...
That's not strictly true - the document says it can be done, but collisions can occur when the ranges overlap. Static entries from an ACL take precedence over dynamic lists, so if you have something that overlaps, it will go where the ACL sends it. ...
Hi Nelson For dynamic excludes you have to use: "dynamic-split-exclude-dns" as the attribute "type" and then add whatever you need as the names - so mine would be a name of "Split_Exclude_Cloud" with a value of "webex.com, teams.microsoft.com (etc)"....
