Sunday, August 3, 2014

AnyConnect SSL VPN



Scenario: an outside Windows 7 user (192.168.1.151/24) wants to connect to the inside network, 192.168.0.0, using the Cisco AnyConnect client.

1. Add Group: configure the IP pool from which outside users are assigned addresses.

Configure split tunneling so the user can communicate with both the inside network and the outside network.

 2. Add Connection Profile: configure the authentication method, IP pool, and DNS server.

 3. Add the AnyConnect software for outside users who don't have it installed.


 4. Add user: add the user and configure the user's group policy.
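
The four steps above, written out as CLI configuration. This is an added example, not taken from the original post, and it assumes the VPN headend is a Cisco ASA using 8.4+ `anyconnect` syntax. The object names, the pool end address, the DNS address, the image file name, and the user name and password are placeholders.

```cisco
! Step 1: address pool, split-tunnel list and group policy.
! Pool start matches the address seen later in ipconfig; the end is constructed.
ip local pool VPN_POOL 192.168.0.51-192.168.0.60 mask 255.255.255.0
! Only the inside network goes through the tunnel; everything else
! leaves through the client's own LAN adapter.
access-list SPLIT_TUNNEL standard permit 192.168.0.0 255.255.255.0
group-policy ANYCONNECT_GP internal
group-policy ANYCONNECT_GP attributes
 vpn-tunnel-protocol ssl-client
 split-tunnel-policy tunnelspecified
 split-tunnel-network-list value SPLIT_TUNNEL
 address-pools value VPN_POOL
 ! Placeholder DNS server address
 dns-server value 192.0.2.53
!
! Step 3: AnyConnect package offered to clients that lack it,
! and SSL VPN enabled on the interface assumed to be named "outside".
webvpn
 enable outside
 anyconnect image disk0:/anyconnect-win-VERSION-k9.pkg 1
 anyconnect enable
 tunnel-group-list enable
!
! Step 2: connection profile with local authentication and the pool.
tunnel-group ANYCONNECT_TG type remote-access
tunnel-group ANYCONNECT_TG general-attributes
 address-pool VPN_POOL
 authentication-server-group LOCAL
 default-group-policy ANYCONNECT_GP
tunnel-group ANYCONNECT_TG webvpn-attributes
 group-alias ANYCONNECT enable
!
! Step 4: local user restricted to remote access and bound to the group policy.
username vpnuser password PLACEHOLDER_PASSWORD
username vpnuser attributes
 vpn-group-policy ANYCONNECT_GP
 service-type remote-access
```

With `tunnelspecified`, the client stays reachable from its local network while it is connected to the inside network, so the split-tunnel list should contain only the networks the user actually needs.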



Result: the outside user (192.168.1.152/24) connects to the inside network.


Because I didn't set a DNS server on the outside network, I will use IP addresses to connect to the inside network.



Verify the IP addresses: ipconfig /all

You did not set up an mgk.com network, but you now have one. The IP address assigned is 192.168.0.51.
The IP address 192.168.1.159 is your real IP address on your local area network adapter.

This is the IP address you use to access the inside network.
Traffic to other addresses, such as google.com, uses the local area network adapter, which is 192.168.1.159/24.


Because my DNS server is in the DMZ zone (I don't know why I did that..;;), I can't use domain names.
So, I use IP addresses to connect to the inside network.

1. Web service for inside network:  http://192.168.0.2/index.html
2. FTP service for inside network: ftp://192.168.0.2 (user id and password required)
3. Google.com for internet access

4. RDP (Remote Desktop Access)


5. VNC




 6. PuTTY: SSH

