Experts
I need to enable the command anyconnect-essentials in my webvpn configuration.
When I do show run webvpn I see:
no anyconnect-essentials.
If I go to webvpn:
(config-webvpn)anyconnect-essentials ( then hit enter) I get this error message:
Clientless sessions currently active:3
After all clientless sessions are disconnected, manually enable Anyconnect Essentials using ASDM or "anyconnect-essentials" CLI under webvpn mode.
For some Reason JAVA is screwed up and I can't run ASDM.
How Do I disconnect the Clientless sessions via CLI in order to add the command
"anyconnect-essentials"
Thanks for your help!!
Solved! Go to Solution.
vpn-sessiondb logoff ....
Marcin,
Thanks for the quick response.
Question, will this only disconnect the Clientless sessions or will it also affect the other SA's?
If I run a show cry isa sa ---> It shows Active SA: 57
I need to know if these 57 VPN tunnels will be affected. :-)
Thanks again!!
vpn-sessiondb logoff
To log off all or selected VPN sessions, use the vpn-sessiondb logoff command in global configuration mode.
vpn-sessiondb logoff {remote | l2l | webvpn | email-proxy | protocol protocol-name | name username | ipaddressIPaddr | tunnel-group groupname | index indexnumber | all}
I am somewhat puzzled. When you look for show cry isa sa you are looking for ISAKMP but this is used for IPSec. I would expect the clientless and the AnyConnect sessions to be SSL based and not IPSec ISAKMP based.
I would also ask whether you already have installed the AnyConnect Essentials license on this ASA.
HTH
Rick
Hehe, good point, although this might be AC IKEv2 tunnels :-)
@Randall yes, you're probably looking for clearing your SSL connections as Rick mentions.
I sort of wondered about that until I remembered that the title of the thread says that the ASA is running 8.2 code.
HTH
Rick
Thanks a bunch for the help, @Richard: Anyconnect license is already installed because it was previously working. I noticed that configuration change today after the reboot. I didn´t know if the SA and Clientless where related, but I know understand that they are 2 separte things completely.
*- Just to clarify, if I run the vpn-sessiondb logoff it will knock out all the clientless sessions.
So step 1: Run vpn-sessiondb logoff
Step 2:Run in (config-webvpn)anyconnect-essentials
Sounds about right?
Once again, thanks
you might want to narrow down that logoff command.
Or you clear everything on the box.
http://www.cisco.com/en/US/docs/security/asa/asa82/command/reference/uz.html#wp1631050
You might want to do "remote" ... depends on your setup and who's logged in and what they're using.