Cisco ASA - AnyConnect VPN
Enable webvpn
webvpn
enable outside
anyconnect image disk0:/anyconnect-win-4.0.00061-k9.pkg 1
anyconnect image disk0:/anyconnect-macosx-i386-4.0.00061-k9.pkg 2
anyconnect image disk0:/anyconnect-linux-64-4.0.00061-k9.pkg 3
anyconnect enable
tunnel-group-list enable
cache
disable
error-recovery disable
ip local pool webvpn-ippool 172.28.38.10-172.28.38.250 mask 255.255.255.0
object network anyconnect_subnet
subnet 172.28.38.0 255.255.255.0
object network internal_subnet
subnet 172.28.37.0 255.255.255.0
nat (any,outside) source static internal_subnet internal_subnet destination static anyconnect_subnet anyconnect_subnet
group-policy SSLAccess internal
group-policy SSLAccess attributes
address-pools value webvpn-ippool
vpn-tunnel-protocol ssl-client
split-tunnel-policy tunnelspecified
tunnel-group SSLAccess type remote-access
tunnel-group SSLAccess general-attributes
default-group-policy SSLAccess
tunnel-group SSLAccess webvpn-attributes
group-alias VPN
username username password hhcZmvOYAh1el mschap privilege 0
username username attributes
vpn-group-policy SSLAccess
SplitACL (optional)
group-policy SSLAccess attributes
dns-server value 8.8.8.8 8.8.4.4
split-tunnel-network-list value Split-ACL
access-list Split-ACL standard permit 172.28.38.0 255.255.255.0