cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
3834
Views
0
Helpful
5
Replies
dcastleton
Beginner

AnyConnect and Clientless SSL-VPN

Are there any issues in running Cisco AnyConnect and Clientless SSL-VPN alongside each other??

I am currently looking into adding AnyConnect functionality to an ASA that has currently configured to run Clientless SSL-VPN. The Clientless system will not be removed. I know how to configure it, I am wondering if someone has already configured this or if there are any issue with this setup?

2 ACCEPTED SOLUTIONS

Accepted Solutions
stephan.ochs
Beginner

Hi Daniel

It's a bit tricky if you want a granular authentication and authorization, but it works.

I'm running an ASA with IPSec, SSL Client and Clientless SSL.

Each of those VPNs with username/one-time-password and certificate based authen.

The main challenge is to build up a clean structure of Profile Maps, Connection Profiles, Group Policies and Dynamic Access Policies.

Feel free to ask further questions...

Stephan

View solution in original post

I've tested this and you can do. I had both setup on my ASA.

View solution in original post

5 REPLIES 5
stephan.ochs
Beginner

Hi Daniel

It's a bit tricky if you want a granular authentication and authorization, but it works.

I'm running an ASA with IPSec, SSL Client and Clientless SSL.

Each of those VPNs with username/one-time-password and certificate based authen.

The main challenge is to build up a clean structure of Profile Maps, Connection Profiles, Group Policies and Dynamic Access Policies.

Feel free to ask further questions...

Stephan

View solution in original post

I've tested this and you can do. I had both setup on my ASA.

View solution in original post

Thank you very much for your answers I will be implementing this in the next few days hopefully I will not run into any issues

Thanks for your help

Dan

Hi Stephan,

Is there any document showing how to do it?

I have some anyconnect profile configured and I enabled clientless connection on them.

But when I access the URL https://"asa address" the ASA send me straight to anyconnect instalation.

If the profile is enable for anyconnect and clientless is ther a way to choose which way to connect?

Thanks!

In group Policy edit > Advanced > AnyConnect CLient > Login Settings

Prompt user to choose

Create
Recognize Your Peers
Polls
Which of these topics should we host an event in the Community?

Top Choice: pxGrid (39%)

Content for Community-Ad