Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
834
Views
0
Helpful
8
Replies

Troubles with AnyConnect

Go to solution
NET_RANGER
Level 1
Level 1

‎07-01-2015 10:31 PM - edited ‎02-21-2020 08:19 PM

Hello comunity! I have few tasks with AnyConnect wich I must to do, but have no idea how. Please help. The tasks are:

1. Disable IPv6. We have no running IPv6 services, and clients with IPv6 create for us additional routine.

2. Prevent AnyConnect IPs from it's registring in DNS, cuz AnyConnect IP's isn't routeable from intranet.

Client's OS - from XP to 8, OS of DNS server is Windows server 2008 R2 Datacenter. I'm trying to disable IPv6 like here http://www.techunboxed.com/2012/08/how-to-disable-ipv6-in-windows-8.html, but looks like it's didn't work for AnyConnect.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Abaji Rawool
Level 3
Level 3

‎07-06-2015 12:43 AM

Hi,

Are you using ASA to assign IPs to Anyconnect users? if yes the they should not register to the DNS.

Also you can disable IPV6 address as mentioned here:http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect31/administration/guide/anyconnectadmin31/ac03vpn.html#pgfId-1520244

 

HTH

Abaji.

 

View solution in original post

0 Helpful
8 Replies 8

Go to solution
Abaji Rawool
Level 3
Level 3

‎07-06-2015 12:43 AM

Hi,

Are you using ASA to assign IPs to Anyconnect users? if yes the they should not register to the DNS.

Also you can disable IPV6 address as mentioned here:http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect31/administration/guide/anyconnectadmin31/ac03vpn.html#pgfId-1520244

 

HTH

Abaji.

 

0 Helpful

Go to solution
NET_RANGER
Level 1
Level 1
In response to Abaji Rawool

‎07-07-2015 12:44 AM

Yes, ASA is assigns IPs to Anyconnect users. But whom you mean under 'they should not register to the DNS'? Users? If so, how I can do it for an array of PCs?

0 Helpful

Go to solution
Abaji Rawool
Level 3
Level 3
In response to NET_RANGER

‎07-08-2015 08:01 AM

If the ASA assigns IP to users it does not register like windows dhcp / dns based environment.

HTH

Abaji.

 

 

0 Helpful

Go to solution
NET_RANGER
Level 1
Level 1
In response to Abaji Rawool

‎07-12-2015 11:57 PM

In fact, it's really registring (ASA's IP's are occured in our DNS server), but if I changing something on the ASA, few windows are appears on a client PC's, something like 'profile has been changed' or like that and users have no idea what to press. How I can to make changes on ASA without notifications at the client side (it's around 100 PC's at my company)?

0 Helpful

Go to solution
Abaji Rawool
Level 3
Level 3
In response to NET_RANGER

‎07-14-2015 07:52 PM

Client will continue get the messages if there is any change on ASAs client profile.

HTH

Abaji.

0 Helpful

Go to solution
NET_RANGER
Level 1
Level 1
In response to Abaji Rawool

‎07-20-2015 04:49 AM

I have figured out, that's ASA making IP's, which it's assigns to clients, primary. How I can change that?

0 Helpful

Go to solution
Abaji Rawool
Level 3
Level 3
In response to NET_RANGER

‎07-20-2015 08:32 AM

You can refer the same guide.

HTH

Abaji.

0 Helpful

Go to solution
NET_RANGER
Level 1
Level 1
In response to Abaji Rawool

‎07-29-2015 12:07 AM

Can I do it without using ASDM? Also, I would like to know, why it's happening (I mean, why an adrress, released by Cisco ASA, becomes primary on targeting PC).

0 Helpful
Customers Also Viewed These Support Documents