Enabling permanent client installation – Cisco ASA 5505 User Manual
Page 1717
 
75-7
Cisco ASA 5500 Series Configuration Guide using the CLI
Chapter 75 Configuring AnyConnect VPN Client Connections
Configuring AnyConnect Connections
Enabling Permanent Client Installation
Enabling permanent client installation disables the automatic uninstalling feature of the client. The client 
remains installed on the remote computer for subsequent connections, reducing the connection time for 
the remote user. 
Note
AnyConnect versions 3.0 and later do no support permanent client installation. The CLI is still available 
to support older versions of AnyConnect.
To enable permanent client installation for a specific group or user, use the anyconnect keep-installer 
command from group-policy or username webvpn modes:
Step 4
ip local pool
poolname startaddr-endaddr
mask
mask
Example:
hostname(config)# ip local pool vpn_users
209.165.200.225-209.165.200.254
mask 255.255.255.224
(Optional) Creates an address pool. You can use another method 
of address assignment, such as DHCP and/or user-assigned 
addressing.
Step 5
address-pool
poolname
Example:
hostname(config)# tunnel-group
telecommuters general-attributes
hostname(config-tunnel-general)#
address-pool
vpn_users
Assigns an address pool to a tunnel group.
Step 6
default-group-policy
name
Example:
hostname(config-tunnel-general)#
default-group-policy sales
Assigns a default group policy to the tunnel group.
Step 7
group-alias
name enable
Example:
hostname(config)# tunnel-group
telecommuters webvpn-attributes
hostname(config-tunnel-webvpn)#
group-alias sales_department enable
Enables the display of the tunnel-group list on the clientless portal 
and AnyConnect GUI login page. The list of aliases is defined by 
the group-alias name enable command.
Step 8
tunnel-group-list enable
Example:
hostname(config)# webvpn
hostname(config-webvpn)# tunnel-group-list
enable
Specifies the AnyConnect client as a permitted VPN tunneling 
protocol for the group or user.
Step 9
vpn-tunnel-protocol
Example:
hostname(config)# group-policy sales
attributes
hostname(config-group-policy)# webvpn
hostname(config-group-webvpn)#
vpn-tunnel-protocol
Specifies SSL as a permitted VPN tunneling protocol for the 
group or user. You can also specify additional protocols. For more 
information, see the vpn-tunnel-protocol command in the Cisco 
ASA 5500 Series Command Reference.
For more information about assigning users to group policies, see 
Chapter 6, Configuring Connection Profiles, Group Policies, and 
Users.
Command
Purpose