04-20-2022 03:17 AM
Hi,
By mistake I have added the domain to the anyconnect-custom-data dynamic-split-exclude-domains without coma (,) at the end.
Now, I've re-added it with the coma value but want to remove the old entry.
anyconnect-custom-data dynamic-split-exclude-domains Bypass testsute.com
How do I remove it?
no anyconnect-custom-data dynamic-split-exclude-domains Bypass testsute.com
is not accepted.
ERROR: % Invalid input detected at '^' marker.
Thanks
Solved! Go to Solution.
04-20-2022 07:57 AM
To remove unwanted entry I had to create new list Bypass_01 with all of the domains.
Then assigned all profiles that used Bypass policy to use Bypass_01.
Then, I was able to edit the Bypass list and removed unwanted entry.
Once entry was removed and changes applied, I flipped all profiles to the Bypass list and apply the configuration.
anyconnect-custom-data dynamic-split-exclude-domains Bypass_01
04-20-2022 03:58 AM - edited 04-20-2022 03:58 AM
@ziqex I've tried to do a similar thing recently too, seems like you cannot edit once it's in use from CLI or ASDM.
Less than ideal, but you can remove reference to the split list under the group-policy, then remove the list completely.
group-policy RAVPN attributes
no anyconnect-custom dynamic-split-exclude-domains
!
no anyconnect-custom-data dynamic-split-exclude-domains EXCLUDE
Then re-add split list with the correct domains and reference under the group-policy.
anyconnect-custom-data dynamic-split-exclude-domains EXCLUDE outlook.com,
anyconnect-custom-data dynamic-split-exclude-domains EXCLUDE office.com,
anyconnect-custom-data dynamic-split-exclude-domains EXCLUDE office365.com,
anyconnect-custom-data dynamic-split-exclude-domains EXCLUDE teams.microsoft.com,
anyconnect-custom-data dynamic-split-exclude-domains EXCLUDE live.com,
anyconnect-custom-data dynamic-split-exclude-domains EXCLUDE lync.com,
!
group-policy RAVPN-GP attributes
anyconnect-custom dynamic-split-exclude-domains value EXCLUDE
04-20-2022 05:01 AM
Thank you for the suggestion. It would be very annoying if there is no option to remove unwanted config without disruption to the production environment.
04-20-2022 07:57 AM
To remove unwanted entry I had to create new list Bypass_01 with all of the domains.
Then assigned all profiles that used Bypass policy to use Bypass_01.
Then, I was able to edit the Bypass list and removed unwanted entry.
Once entry was removed and changes applied, I flipped all profiles to the Bypass list and apply the configuration.
anyconnect-custom-data dynamic-split-exclude-domains Bypass_01
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide