12-10-2018 11:36 PM
Hi,
In the release notes of AC 4.7 there is one new feature:
"
Management VPN Tunnel—(Requires ASDM 7.10.1) Ensures connectivity to the corporate network whenever the client system is powered up, not just when a VPN connection is established by the end user.
This feature allows patch management on systems which may not come in to the office frequently. Endpoint OS login scripts requiring corporate network connectivity will also benefit from this feature."
Has anyone tried this and can tell me how to test it?
I can't see the menu to activate it (I've got all the requirements).
Thanks
karl
12-11-2018 05:48 AM
Configuration details start on page 125 at: https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect47/administration/guide/b_AnyConnect_Administrator_Guide_4-7.pdf
Works pretty well. It only uses machine certificates, so no LDAP/RADIUS/local/client cert auth.
02-04-2019 01:12 PM
I've followed the instructions in this guide but it's not quite working. I do see my client attempt to connect prior to Windows login, but the SSL session terminates immediately.
We use machine certs for VPN so the cert is present on the endpoint.
Is there something not included in this document that needs to be completed before the management tunnel works?
07-12-2019 01:27 AM - edited 07-12-2019 02:08 AM
11-13-2019 01:32 AM
Hi out there,
If one has multiple XML profiles available, which management VPN tunnel is tied to this? Will there only be one available, or how is this sorted out? We have 4 different regions where we have 4 different XML profiles which we currently select from manually.
11-13-2019 05:52 AM
The management tunnel isn't tied to any user tunnel; it just becomes active when no user tunnel is connected. Only one management tunnel can be configured at a time.