AnyConnect ‘Management VPN Tunnel’ Configuration
KB ID 0001503 Problem With the newest version of AnyConnect (4.7) there’s an added feature called ‘Management VPN’. It’s there, so that if you have remote users who don’t VPN in very often, then you may struggle to mange them, e.g. put software updates, AV updates, SCCM packages etc. down to them. Before version 4.7 you could configure ‘Automatically Connect’, or ‘Start before...
Cisco AnyConnect With Server 2016 NPAS (RADIUS) Different Groups
KB ID 0001474 Problem A few years ago I replaced a firewall that was setup like this, and while it took me a while to work out what was going on, I remember thinking it was an elegant solution. Fast forward to today, and I’m now working with the guy who set it up! (Kudos to Paul White). So when I had a client with a similar requirement, I sat down fired up the lab, and documented it. What was used; Windows 10 Remote Client...
Cisco ASA: Updating and Copying files from USB
KB ID 0001377 Problem Cisco ASA firewalls have had USB sockets on them for a while, but a dig into the documentation only yielded, ‘for use in future releases’. Well they are working now! Note: Firewall shown is a 5516-X (running version 9.8(1)) Solution Your drive needs to be formatted as FAT (not NTFS), I’m going to update/install some AnyConnect client software, but there’s nothing to stop you uploading a...
AnyConnect Error – ‘Failed To Get Configuration From Secure Gateway’
KB ID 0001354 Problem Saw this while attempting to connect to my ASA this week. AnyConnect Secure Mobility Downloader Failed to get configuration from secure gateway. Contact your system administrator Solution Well luckily I’d just made a change so I could focus on the right area straight away. I’d been messing around with the profile xml file associated with my AnyConnect GroupPolicy. If you take a look at my profile...
Cisco AnyConnect – Running ‘Logon Scripts / OnConnection Scripts’
KB ID 0001353 Problem I’ve seen this asked a lot in forums, and it came up on EE again today. I’ve never had to set this up in the past, but I’ve posted the links to the correct Cisco articles when people have asked. After the question was asked again today, I thought I’d take the time to write a decent article on how to do it. Why would you want to do this? You might want to map/reconnect a mapped drive, or...
Updating the AnyConnect client for Deployment from the Cisco ASA 5500
KB ID 0000704 Problem Your ASA will (by default) update your AnyConnect clients to the latest client software when they connect. However you need to supply the ASA with the updated packages first. Solution 1. Download the latest AnyConnect client package, from Cisco. The one you want will have a file extension of .pkg AnyConnect 4 AnyConnect 3 2. Connect to the ASDM > Configuration > Remote Access VPN > Network (Client)...