Anyconnect, switch connection between 2 interfaces
We have some mobile tablets with LTE and wifi cababilities. They use AnyConenct to access an internal server to run dispatch software. The dispatch software requires that the tablets always communicate to the server using the same ip addresss When the tablets are at the office they want to use the wifi there to save on LTE data. We have anyconnect configured to provide the fixed addresses and conenctivity on the outside interface and on a DMZ interface for the wireless. I have the AnyConnect profile setup with a backup server that it the DMZ interface. The tablets connect fine on the DMZ interface or on the outside when in the field.
The issue i am having is when they switch between them. When they disconnect from the wireless the any connect client just keeps trying to connect to the DMZ interface, instead of trying the outside(primary server in the AC profile) until you close the vpn connection and re-establish it.
We need this to work seamlessly and without user intervention.
Re: Anyconnect, switch connection between 2 interfaces
I'd probably try to fix this with DNS instead. Just have the profile point to a dns name ex: vpn.mycompany.com. When they're internal have the A record point to the dmz interface address, when they're external have it resolve to the outside interface address.
This document lists some options you have to insert script after implementing a portal using portal builder
Implement guest portal using SAML SSO provider button
This allows you to point your ISE Portal builder portal to a page configured for SAML SSO lo...
I would like to present the MAC address for a device on-boarding flow as a QR code on support page.
This can be done utilizing a custom .js script embedded into the support page.
For general information on po...
This is directed at those already leveraging F5's with TACACS or those that do in the future. It is not meant to be an all encompassing guide, rather an addition for an issue you need to be aware of. There is a well known guide jointly developed between C...
TACACS works on TCP protocol port 49 or any customizable port in ISE. TCP is connection oriented and asynchronous.
So if you are using LB, suggest inline LB option. If not, then you need to find a way to deal with TCP property explained above.