Solved: Re: Prelogin Configuration / Host Scan

MaDe · ‎09-10-2012

Good day Community,

I configured Anyconnect and Clientless VPN successfully on our ASA 5510.
Now I will assign a Prelogin Policy and DAP. But I struggle of managing Clientless and Anyconnect polices.

The senario is very simple....

check if the client is in the domain example.local

if yes establish a Anyconnect session
if not go to the SSL portal.

Is there anyway to setup this with the prelogin policy?

Thanks for your Feedback!
Brgds Markus

Javier Portuguez · ‎09-10-2012

Hi Markus,

You need to configure the pre-login policy and apply it to a DAP. Then in the DAP specify the access method:

Keep me posted.

Portu.

Please rate any post you find useful.

View solution in original post

Javier Portuguez · ‎09-10-2012

Hi Markus,

You need to configure the pre-login policy and apply it to a DAP. Then in the DAP specify the access method:

Keep me posted.

Portu.

Please rate any post you find useful.

MaDe · ‎09-10-2012

Hi Portu,

ok so you mean I have to configure only the domain check in the prelogin ploicy. And then I select what to do in the DAP Access Method -> if yes -> AnyConnect

-> if no -> Webportal

Correct ?

Brgds Markus

Javier Portuguez · ‎09-10-2012

Hi Markus,

That is correct.

Portu.

Please rate any post you find useful.

MaDe · ‎09-10-2012

Ok thanks. So if I have two groups e.g. sales and marketing, I have to create four DAP rules.

Sales -> anyconnect

-> clientless

Marketing -> anyconnect

-> clientless

Brgds Markus

Javier Portuguez · ‎09-10-2012

Hi,

The how, depends on you.

I would suggest to have only two, one for AnyConnect and another one for WebVPN.

Then you can define a specific criteria which includes both profiles and the specific pre-login policy.

Let me know.

Portu.