Enabling permanent client installation – Cisco ASA 5505 User Manual

Page 1717

Advertising
background image

75-7

Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 75 Configuring AnyConnect VPN Client Connections

Configuring AnyConnect Connections

Enabling Permanent Client Installation

Enabling permanent client installation disables the automatic uninstalling feature of the client. The client
remains installed on the remote computer for subsequent connections, reducing the connection time for
the remote user.

Note

AnyConnect versions 3.0 and later do no support permanent client installation. The CLI is still available
to support older versions of AnyConnect.

To enable permanent client installation for a specific group or user, use the anyconnect keep-installer
command from group-policy or username webvpn modes:

Step 4

ip local pool

poolname startaddr-endaddr

mask

mask

Example:

hostname(config)# ip local pool vpn_users

209.165.200.225-209.165.200.254

mask 255.255.255.224

(Optional) Creates an address pool. You can use another method
of address assignment, such as DHCP and/or user-assigned
addressing.

Step 5

address-pool

poolname

Example:

hostname(config)# tunnel-group

telecommuters general-attributes

hostname(config-tunnel-general)#

address-pool

vpn_users

Assigns an address pool to a tunnel group.

Step 6

default-group-policy

name

Example:

hostname(config-tunnel-general)#

default-group-policy sales

Assigns a default group policy to the tunnel group.

Step 7

group-alias

name enable

Example:

hostname(config)# tunnel-group

telecommuters webvpn-attributes

hostname(config-tunnel-webvpn)#

group-alias sales_department enable

Enables the display of the tunnel-group list on the clientless portal
and AnyConnect GUI login page. The list of aliases is defined by
the group-alias name enable command.

Step 8

tunnel-group-list enable

Example:

hostname(config)# webvpn

hostname(config-webvpn)# tunnel-group-list

enable

Specifies the AnyConnect client as a permitted VPN tunneling
protocol for the group or user.

Step 9

vpn-tunnel-protocol

Example:

hostname(config)# group-policy sales

attributes

hostname(config-group-policy)# webvpn

hostname(config-group-webvpn)#

vpn-tunnel-protocol

Specifies SSL as a permitted VPN tunneling protocol for the
group or user. You can also specify additional protocols. For more
information, see the vpn-tunnel-protocol command in the Cisco
ASA 5500 Series Command Reference.

For more information about assigning users to group policies, see
Chapter 6, Configuring Connection Profiles, Group Policies, and
Users.

Command

Purpose

Advertising
This manual is related to the following products:

ASA 5585-X, ASA 5555-X, ASA 5545-X, ASA 5525-X, ASA 5515-X, ASA 5512-X, ASA 5580, ASA 5550, ASA 5540, ASA 5520, ASA 5510, ASA 5500 Series

Popular Brands
Popular manuals