Enabling Modules For Additional Anyconnect Features - Cisco 5505 - ASA Firewall Edition Bundle Administrator's Manual

Administration guide

Hide thumbs Also See for 5505 - ASA Firewall Edition Bundle:

Configuration manual (1822 pages)

Getting started manual (168 pages)

Hardware installation manual (82 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

page of 118

/ 118
Contents
Table of Contents
Bookmarks

Table of Contents

Enabling Modules for Additional AnyConnect Features

interface GigabitEthernet0/1

Configure an 'ipv6 local pool' (used for AnyConnect Client IPv6 address assignment):

Step 2

ipv6 local pool ipv6pool 2001:DB8:1:1::5/32 100

Note

Add the ipv6 address pool to your Tunnel group policy (or group-policy):

Step 3

tunnel-group YourTunGrp1 general-attributes

Note

Configure an IPv6 Tunnel Default Gateway:

Step 4

ipv6 route inside ::/0 X:X:X:X::X tunneled

Enabling Modules for Additional AnyConnect Features

As new features are released for the AnyConnect client, you must update the AnyConnect clients of your

remote users for them to use the new features. To minimize download time, the AnyConnect client

requests downloads (from the security appliance) only of modules that it needs for each feature that it

supports. To enable new features, you must specify the new module names using the svc modules

command from group policy webvpn or username webvpn configuration mode:

Separate multiple strings with commas.

For a list of values to enter for each AnyConnect client feature, see the release notes for the

Cisco AnyConnect VPN Client.

In the following example, the network administrator enters group-policy attributes mode for the group

policy telecommuters, enters webvpn configuration mode for the group policy, and specifies the string

vpngina to enable the AnyConnect client feature Start Before Login:

hostname(config)# group-policy telecommuters attributes

hostname(config-group-policy)# webvpn

hostame(config-group-webvpn)# svc modules value vpngina

Cisco AnyConnect VPN Client Administrator Guide

6-4

nameif inside

security-level 100

ip address 10.10.0.1 255.255.0.0

ipv6 address 2001:DB8::1/32

ipv6 enable

; Needed for IPv6.

You still need to configure an IPv4 address pool when using IPv6 (using the ip local pool

command)

Again, you must also configure an IPv4 address pool here as well (using the 'address-pool'

command).

[no] svc modules {none | value string}

Chapter 6

Configuring AnyConnect Features Using CLI

; Needed for IPv6.

; Use your IPv6 prefix here

ipv6-address-pool ipv6pool

OL-12950-012

Table of Contents

Enabling Modules For Additional Anyconnect Features - Cisco 5505 - ASA Firewall Edition Bundle Administrator's Manual

Enabling Modules for Additional AnyConnect Features

Enabling Modules for Additional AnyConnect Features

Related Manuals for Cisco 5505 - ASA Firewall Edition Bundle

Related Content for Cisco 5505 - ASA Firewall Edition Bundle

Table of Contents