Anyconnect, switch connection between 2 interfaces
We have some mobile tablets with LTE and wifi capabilities. They use AnyConnect to access an internal server to run dispatch software. The dispatch software requires that the tablets always communicate to the server using the same IP address. When the tablets are at the office they want to use the wifi there to save on LTE data. We have AnyConnect configured to provide the fixed addresses and connectivity on the outside interface and on a DMZ interface for the wireless. I have the AnyConnect profile set up with a backup server that is the DMZ interface. The tablets connect fine on the DMZ interface or on the outside when in the field.
The issue I am having is when they switch between them. When they disconnect from the wireless, the AnyConnect client just keeps trying to connect to the DMZ interface, instead of trying the outside (primary server in the AC profile), until you close the VPN connection and re-establish it.
We need this to work seamlessly and without user intervention.
Re: Anyconnect, switch connection between 2 interfaces
I'd probably try to fix this with DNS instead. Just have the profile point to a DNS name, e.g. vpn.mycompany.com. When they're internal, have the A record point to the DMZ interface address; when they're external, have it resolve to the outside interface address.
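
One way to set up the split DNS suggested in the reply above, as an added example that is not part of the original thread: a BIND `named.conf` fragment using views. BIND itself is an assumption (the thread names no DNS server), and the client subnet, file paths and both addresses are constructed placeholders.

```conf
// named.conf fragment (constructed example, all values are placeholders)

// Assumed subnet handed out to tablets on the office Wi-Fi.
acl "office-wifi" { 10.20.0.0/24; };

// Queries arriving from the office Wi-Fi get the DMZ interface address.
view "internal" {
    match-clients { "office-wifi"; };
    recursion yes;
    zone "mycompany.com" {
        type master;
        file "zones/internal/mycompany.com.db";
        // In this zone file:
        //   vpn  60  IN  A  192.168.50.1   ; ASA DMZ interface (placeholder)
    };
};

// Every other client (tablets on LTE) gets the outside interface address.
view "external" {
    match-clients { any; };
    recursion no;   // do not act as an open resolver for outside clients
    zone "mycompany.com" {
        type master;
        file "zones/external/mycompany.com.db";
        // In this zone file:
        //   vpn  60  IN  A  203.0.113.10   ; ASA outside interface (placeholder)
    };
};
```

The short TTL (60 seconds here) limits how long a resolver cache keeps the answer from the network the tablet just left. The same split can be done without views by serving the internal record from the DNS server that office DHCP assigns and the external record from public DNS.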