cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
861
Views
10
Helpful
3
Replies

2 Anyconnect vpns dns/domain problem

peat
Level 1
Level 1

I have 2 anyconnect vpn profiles setup but whenever i change the domain and dns server on one of the profiles it changes it for the other profile.

How can i setup my 2nd anyconnect profile so it doesnt point to the dns server and domain of the 1st anyconnect profile?

Thanks

1 Accepted Solution

Accepted Solutions

Rahul Govindan
VIP Alumni
VIP Alumni

DNS and Domain is usually a property of the ASA group-policy. So you can set up 2 different group-policies on the ASA so that the DNS and Domain is set specific to that group-policy. You would then tie up Connection profile to group-policy so that the user receives that DNS setting based on the group they chose.

View solution in original post

3 Replies 3

Mike.Cifelli
VIP Alumni
VIP Alumni

How can i setup my 2nd anyconnect profile so it doesnt point to the dns server and domain of the 1st anyconnect profile?

 

Ensure that you configure two separate connection profiles & group policies.  Make sure you enable aliases for each of your connection profiles.  Within each connection profile configure each separate dns & domain.  Copy your XML file in C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile

Open the copied xml file, and modify the following to match the name of your alias & show that you have two vpn profiles in anyconnect:

<HostName>SECOND VPN PROFILE</HostName>

<UserGroup>ALIAS_NAME</UserGroup>

 

Both of these are found under <HostEntry>

 

You can also export profile from the asa.  I have found when testing it is quicker to perform the modifications.  HTH!

Rahul Govindan
VIP Alumni
VIP Alumni

DNS and Domain is usually a property of the ASA group-policy. So you can set up 2 different group-policies on the ASA so that the DNS and Domain is set specific to that group-policy. You would then tie up Connection profile to group-policy so that the user receives that DNS setting based on the group they chose.

Thanks. When i changed the dns and domain in the group policy rather than on the main profile of each individual profile then the different dns and domain worked.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: