06-11-2009 05:22 PM
Hi,
I currently have a WebVPN + AnyConnect setup on a 871 router working #1. I am able to give out ip's from my own dhcp pool, a feature I greatly appreciate. Since my network is also v6-compliant and most of my stuff is transferred, how would I go to give out my prefix and RA through the VPN? My router is already setup for v6, the only thing I need to do is to tell it to AnyConnect.
Here is my setup:
ip dhcp excluded-address 192.168.1.1 192.168.1.100
!
ip dhcp pool lan
network 192.168.1.0 255.255.255.0
default-router 192.168.1.1
domain-name xxxx.net
dns-server 24.xxx.xxx.xx
!
interface Vlan10
description $FW_INSIDE$
ip address 192.168.1.1 255.255.255.0
ip nat inside
ip virtual-reassembly
ipv6 address 2001:xxx:xxx:1::1/64
ipv6 enable
!
ip local pool sslclients 192.168.1.80 192.168.1.90
webvpn gateway gateway_1
ip address 69.xx.xx.xx port 443
ssl trustpoint TP-self-signed-506703934
inservice
!
webvpn install svc flash:/webvpn/svc_1.pkg sequence 1
!
webvpn context sslvpn
secondary-color white
title-color #CCCC66
text-color black
ssl authenticate verify all
!
!
policy group policy_1
functions svc-enabled
svc address-pool "sslclients"
svc keep-client-installed
svc split include 192.168.1.0 255.255.255.0
default-group-policy policy_1
aaa authentication list sdm_vpn_xauth_ml_1
gateway gateway_1 domain sslvpn
inservice
!
So basically, I would like to hand out addresses from my 2001:xxx:xxx:1::1/64 pool (it is also a routable /48)
Any help appreciated.
06-12-2009 01:08 PM
This is not currently supported. Please refer to the restrictions section of the below doc.
http://www.cisco.com/en/US/docs/ios/12_4t/12_4t11/htwebvpn.html#wp1053807
06-12-2009 03:22 PM
Thank you for your reply, do you know if it will be supported in the near future?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide