Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
875
Views
10
Helpful
3
Replies

2 Anyconnect vpns dns/domain problem

Go to solution
peat
Level 1
Level 1

‎02-14-2019 06:06 AM - edited ‎02-21-2020 09:34 PM

I have 2 anyconnect vpn profiles setup but whenever i change the domain and dns server on one of the profiles it changes it for the other profile.

How can i setup my 2nd anyconnect profile so it doesnt point to the dns server and domain of the 1st anyconnect profile?

Thanks

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rahul Govindan
VIP Alumni
VIP Alumni

‎02-14-2019 08:27 AM

DNS and Domain is usually a property of the ASA group-policy. So you can set up 2 different group-policies on the ASA so that the DNS and Domain is set specific to that group-policy. You would then tie up Connection profile to group-policy so that the user receives that DNS setting based on the group they chose.

View solution in original post

3 Replies 3

Go to solution
Mike.Cifelli
VIP Alumni
VIP Alumni

‎02-14-2019 07:16 AM

How can i setup my 2nd anyconnect profile so it doesnt point to the dns server and domain of the 1st anyconnect profile?

 

Ensure that you configure two separate connection profiles & group policies.  Make sure you enable aliases for each of your connection profiles.  Within each connection profile configure each separate dns & domain.  Copy your XML file in C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile

Open the copied xml file, and modify the following to match the name of your alias & show that you have two vpn profiles in anyconnect:

<HostName>SECOND VPN PROFILE</HostName>

<UserGroup>ALIAS_NAME</UserGroup>

 

Both of these are found under <HostEntry>

 

You can also export profile from the asa.  I have found when testing it is quicker to perform the modifications.  HTH!

Go to solution
Rahul Govindan
VIP Alumni
VIP Alumni

‎02-14-2019 08:27 AM

DNS and Domain is usually a property of the ASA group-policy. So you can set up 2 different group-policies on the ASA so that the DNS and Domain is set specific to that group-policy. You would then tie up Connection profile to group-policy so that the user receives that DNS setting based on the group they chose.

Go to solution
peat
Level 1
Level 1
In response to Rahul Govindan

‎02-15-2019 04:46 AM

Thanks. When i changed the dns and domain in the group policy rather than on the main profile of each individual profile then the different dns and domain worked.
0 Helpful
Customers Also Viewed These Support Documents