Solved: Cisco Any Connect VPN

Abdul Ghaffar Arman · ‎05-08-2016

In my enterprise Network I am using Cisco Any Connect VPN client software for remote users to access the enterprise LAN resources, which is up and working. Cisco 2951 Router is the VPN gateway for remote users.

I want to configure the VPN in such a way that when some one is being connected with enterprise LAN network so than that user should not have access to the internet.

Secondly if some one tell me that Cisco Any Connect VPN Client software is capible of installing in Windows Server 2008 R2, if answer is YES so kindly send me the link to download.

Have a nice time.

Karsten Iwen · ‎05-08-2016

Kindly can you show me the configurations of full-tunnel

Just remove all lines starting with "svc split" from the "policy group" that is embedded in your "webvpn context" configuration. Then it will change to the default of "tunnel all".

Kindly can you send me the link of that software to download.

Windows is not my area of knowledge ... Luckily my clients use desktop-operating-systems.

Perhaps this component is already installed on that system from some other software? Have you just tried to install AnyConnect?

View solution in original post

Karsten Iwen · ‎05-08-2016

I want to configure the VPN in such a way that when some one is being connected with enterprise LAN network so than that user should not have access to the internet.

There are different ways to configure the VPN, and the way to prevent internet access is dependent on that. If you use Zone based Firewall and virtual templates on your ISR 2951, then place the virtual template of the lVPN in an own Zone and adjust your policies.

Secondly if some one tell me that Cisco Any Connect VPN Client software is capible of installing in Windows Server 2008 R2, if answer is YES so kindly send me the link to download.

This is from the release-notes:

Windows 2008 is not supported; however, we do not prevent the installation of AnyConnect on this OS. Also, Windows Server 2008 R2 requires the optional SysWow64 component

You download the client on the AnyConnect Download-page (Support-Contract and AnyConnect License required).

Abdul Ghaffar Arman · ‎05-08-2016

Thanks Dear Karsten lwen.

My main objective of this discussion was to know that how to configure a full-tunnel between Cisco Any Connect VPN Client and VPN gateway. The configuration of full-tunnel and split tunnel is almost same but there is a slight addition of access-lists in the configurations. Kindly can you show me the configurations of full-tunnel. Assume that we have one remote client which is going to be connecting with our Cisco ISR 2951 Router (which is the VPN Gateway).

The second thing you mentioned according to Windows Server 2008 R2 that we will have to install an additional software in Windows Server 2008 R2 to support the Cisco Any Connect VPN Client installation, Kindly can you send me the link of that software to download.!

Have a nice time.

Karsten Iwen · ‎05-08-2016

Kindly can you show me the configurations of full-tunnel

Just remove all lines starting with "svc split" from the "policy group" that is embedded in your "webvpn context" configuration. Then it will change to the default of "tunnel all".

Kindly can you send me the link of that software to download.

Windows is not my area of knowledge ... Luckily my clients use desktop-operating-systems.

Perhaps this component is already installed on that system from some other software? Have you just tried to install AnyConnect?

Abdul Ghaffar Arman · ‎05-09-2016

Thanks Dear Karsten lwen,

I will follow your instructions as you mentioned.

For Cisco Any Connect VPN Client software to be installed in Windows Server 2008 R2 is not possible because Windows Server 2008 R2 didn't contain C:\Windows\SysWOW64 folder. I installed it on Windows Server 2012 R2 machine because this OS contains C:\Windows\SysWOW64 folder, and working fine.

Have a nice time.