cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1049
Views
10
Helpful
3
Replies

Removing domain from anyconnect-custom-data

ziqex
Level 4
Level 4

Hi,

By mistake I have added the domain to the anyconnect-custom-data dynamic-split-exclude-domains without coma (,) at the end.

Now, I've re-added it with the coma value but want to remove the old entry.

anyconnect-custom-data dynamic-split-exclude-domains Bypass testsute.com

 

How do I remove it?

no anyconnect-custom-data dynamic-split-exclude-domains Bypass testsute.com

is not accepted.

ERROR: % Invalid input detected at '^' marker.

Thanks

1 Accepted Solution

Accepted Solutions

To remove unwanted entry I had to create new list Bypass_01 with all of the domains.

Then assigned all profiles that used Bypass policy to use Bypass_01.

 

Then, I was able to edit the Bypass list and removed unwanted entry.

 

Once entry was removed and changes applied, I flipped all profiles to the Bypass list and apply the configuration. 

 

anyconnect-custom-data dynamic-split-exclude-domains Bypass_01 

 

 

View solution in original post

3 Replies 3

@ziqex I've tried to do a similar thing recently too, seems like you cannot edit once it's in use from CLI or ASDM.

Less than ideal, but you can remove reference to the split list under the group-policy, then remove the list completely.

 

group-policy RAVPN attributes
 no anyconnect-custom dynamic-split-exclude-domains
!
no anyconnect-custom-data dynamic-split-exclude-domains EXCLUDE

Then re-add split list with the correct domains and reference under the group-policy.

anyconnect-custom-data dynamic-split-exclude-domains EXCLUDE outlook.com,
anyconnect-custom-data dynamic-split-exclude-domains EXCLUDE office.com,
anyconnect-custom-data dynamic-split-exclude-domains EXCLUDE office365.com,
anyconnect-custom-data dynamic-split-exclude-domains EXCLUDE teams.microsoft.com,
anyconnect-custom-data dynamic-split-exclude-domains EXCLUDE live.com,
anyconnect-custom-data dynamic-split-exclude-domains EXCLUDE lync.com,
!
group-policy RAVPN-GP attributes
 anyconnect-custom dynamic-split-exclude-domains value EXCLUDE

 

Thank you for the suggestion. It would be very annoying if there is no option to remove unwanted config without disruption to the production environment.  

To remove unwanted entry I had to create new list Bypass_01 with all of the domains.

Then assigned all profiles that used Bypass policy to use Bypass_01.

 

Then, I was able to edit the Bypass list and removed unwanted entry.

 

Once entry was removed and changes applied, I flipped all profiles to the Bypass list and apply the configuration. 

 

anyconnect-custom-data dynamic-split-exclude-domains Bypass_01 

 

 

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: