After the implementation of the AnyConnect Client to our ASA5500 is at a good state i want to have some backup until our productional hardware will delivered. 😉
So i decided to use one of our Cisco 3845 Routers to do the job.
C3845#show version Load for five secs: 1%/0%; one minute: 3%; five minutes: 3% Time source is NTP, 07:48:17.248 CET Sat Sep 11 2010 Cisco IOS Software, 3800 Software (C3845-ADVSECURITYK9-M), Version 15.0(1)M1, RELEASE SOFTWARE (fc1) Technical Support: http://www.cisco.com/techsupport Copyright (c) 1986-2009 by Cisco Systems, Inc. Compiled Wed 02-Dec-09 16:43 by prod_rel_team ROM: System Bootstrap, Version 12.4(13r)T10, RELEASE SOFTWARE (fc1) C3845 uptime is 34 weeks, 4 days, 14 hours, 47 minutes System returned to ROM by reload at 15:53:45 CET Mon Jan 11 2010 System restarted at 15:55:20 CET Mon Jan 11 2010 System image file is "flash:c3845-advsecurityk9-mz.150-1.M1.bin"
First i installed the AnyConnect Package on the Router.
C3845(config)#webvpn install svc flash:/anyconnect-win-2.5.1025-k9.pkg sequence 1 SSLVPN Package SSL-VPN-Client (seq:1): installed successfully
ip local pool CSM_POOL_1 10.2.16.20 10.2.16.30 ip local pool vpnpool 10.2.16.31 10.2.16.41 ip local pool SSLVPNClient 10.2.16.50 10.2.16.60 ! webvpn gateway SSLVPN ip address 192.168.10.66 port 443 ssl trustpoint TP-self-signed-2234495401 inservice ! webvpn install svc flash:/webvpn/anyconnect-win-2.5.1025-k9.pkg sequence 1 ! webvpn context SSLVPN ssl authenticate verify all ! ! policy group SSLVPN functions svc-required svc address-pool "CSM_POOL_1" svc keep-client-installed svc dns-server primary 10.0.243.143 svc dns-server secondary 10.0.243.144 default-group-policy SSLVPN gateway SSLVPN inservice !
If you feel this helps a bit or may be not ? Please leave a comment.