Cisco 5505 Administration Guide - Page 40
Enabling AnyConnect Client SSL VPN Connections Using CLI - k9 ssl
UPC - 882658082252
View all Cisco 5505 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 40 highlights
Enabling AnyConnect Client SSL VPN Connections Using CLI Chapter 4 Installing the AnyConnect Client on a Security Appliance Using CLI Note The security appliance expands SSL VPN client and the Cisco Secure Desktop images in cache memory. If you receive the error message ERROR: Unable to load SVC image - increase disk space via the 'cache-fs' command, use the cache-fs limit command to adjust the size of cache memory: Step 3 Check the status of the clients using the show webvpn svc command: hostname(config-webvpn)# show webvpn svc 1. disk0:/anyconnect-win-2.0.0343-k9.pkg 1 CISCO STC win2k+ 2,0,0343 Tue 03/27/2007 4:16:21.09 2. disk0:/anyconnect-macosx-i386-2.0.0343-k9.pkg 2 CISCO STC Darwin_i386 2,0,0 Tue Mar 27 05:09:16 MDT 2007 3. disk0:/anyconnect-linux-2.0.0343-k9.pkg 3 CISCO STC Linux 2,0,0 Tue Mar 27 04:06:53 MST 2007 3 SSL VPN Client(s) installed Enabling AnyConnect Client SSL VPN Connections Using CLI After installing the client, enable the security appliance to allow AnyConnect VPN client SSL VPN connections by performing the following steps: Step 1 Step 2 Step 3 Step 4 Enable WebVPN on an interface using the enable command from webvpn mode: enable interface For example: hostname(config)# webvpn hostname(config-webvpn)# enable outside You must enable WebVPN on the interface before enabling DTLS. Enable SSL VPN connections globally, using the svc enable command from webvpn configuration mode. For example: hostname(config-webvpn)# svc enable Enable DTLS on an interface, using the dtls enable command in webvpn mode. For example: hostname(config-webvpn)# dtls enable outside To enable DTLS globally for a specific port, use the dtls port command in webvpn mode. The following example enters webvpn configuration mode and specifies port 444 for DTLS: hostname(config)# webvp4 hostname(config-webvpn)# dtls port 445 Configure a method of address assignment. You can use DHCP, and/or user-assigned addressing. You can also create a local IP address pool using the ip local pool command from global configuration mode: Cisco AnyConnect VPN Client Administrator Guide 4-2 OL-12950-012