cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
462
Views
0
Helpful
3
Replies

Asa does not pass Subnetmask from dhcp to anyconnect client

v.dumont
Level 1
Level 1

Hi All,

I was wondering. I have configured dhcp for ip address allocation for my anyconnect clients. The ip address assignment but none of the other options like dns or subnetmask are passed onto the client. Is this expected behaviour?

Kind regards,

Vincent

3 Replies 3

Farhan Mohamed
Cisco Employee
Cisco Employee

Not sure of the behavior, Please see the link below it will help you to answer the above questions:-

http://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/118084-configure-anyconnect-00.html

Rahul Govindan
VIP Alumni
VIP Alumni

DHCP for VPN clients only assigns the ip address to the user. DNS and other options (domain) should be configured through the group-policy settings on the ASA. For DNS and domain:

group-policy GroupPolicy_SSLClient internal
group-policy GroupPolicy_SSLClient attributes
wins-server none
dns-server value 10.10.10.23
default-domain value Cisco.com

I have not tested this, but my understanding is that it should also assign the subnet along with ip address.

Pulkit Saxena
Cisco Employee
Cisco Employee

Hi Vincent,

Yes it is an expected behavior. The subnet mask will be seen as /32 only.

DNS and WINS Server information needs to be configured in the group policy.

-

Pulkit