Can the clientless vpn and the anyconnect vpn exist on different ports? they seem to be tied to each other? We have an travel application that uses port 443 and when using the cisco anyconnect vpn this application stops working. I would like to still be ablet to offer clientless vpn through the normal https port but have the anyconnect use a different port. is this possible?
The same port will be used for AnyConnect and WebVPN.
You can change the port number under the WebVPN settings of your FW.
Please rate any helpful posts.
OK. so lets say i change the port to 8443. is there a way to also port forward any traffic that hits 443 to go to 8443 for the clientless vpn so that i don't have to actually give the users who are using the clientless vpn a different url?
You could redirect the HTTP traffic to HTTPS using the "http redirect' command.
Both you need to define the port the ASA will listen to HTTP requests, since by default it is 80.
So, you will have to add the 8443 port to your URL.
You could modify the specific URL in the server list (found in the AnyConnect XML profile), so the AnyConnect users will not notice any change.
However, users accessing the Web Portal will need to include the new port in the URL.