02-14-2019 06:06 AM - edited 02-21-2020 09:34 PM
I have 2 anyconnect vpn profiles setup but whenever i change the domain and dns server on one of the profiles it changes it for the other profile.
How can i setup my 2nd anyconnect profile so it doesnt point to the dns server and domain of the 1st anyconnect profile?
Thanks
Solved! Go to Solution.
02-14-2019 08:27 AM
DNS and Domain is usually a property of the ASA group-policy. So you can set up 2 different group-policies on the ASA so that the DNS and Domain is set specific to that group-policy. You would then tie up Connection profile to group-policy so that the user receives that DNS setting based on the group they chose.
02-14-2019 07:16 AM
How can i setup my 2nd anyconnect profile so it doesnt point to the dns server and domain of the 1st anyconnect profile?
Ensure that you configure two separate connection profiles & group policies. Make sure you enable aliases for each of your connection profiles. Within each connection profile configure each separate dns & domain. Copy your XML file in C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile
Open the copied xml file, and modify the following to match the name of your alias & show that you have two vpn profiles in anyconnect:
<HostName>SECOND VPN PROFILE</HostName>
<UserGroup>ALIAS_NAME</UserGroup>
Both of these are found under <HostEntry>
You can also export profile from the asa. I have found when testing it is quicker to perform the modifications. HTH!
02-14-2019 08:27 AM
DNS and Domain is usually a property of the ASA group-policy. So you can set up 2 different group-policies on the ASA so that the DNS and Domain is set specific to that group-policy. You would then tie up Connection profile to group-policy so that the user receives that DNS setting based on the group they chose.
02-15-2019 04:46 AM
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: