-
Cisco AnyConnect VPN Client Administrator Guide, Release 2.4
-
Introduction to AnyConnect
-
Configuring the Security Appliance to Deploy the AnyConnect Client
-
Configuring AnyConnect Client Features
-
Fulfilling Other Administrative Requirements for AnyConnect
-
Managing Authentication
-
Customizing and Localizing the AnyConnect Client and Installer
-
Communicating User Guidelines
-
Managing, Monitoring, and Troubleshooting AnyConnect Connections
-
Open Software License Notices
-
Feedback
Table Of Contents
Using the AnyConnect CLI Commands to Connect (Standalone Mode)
Setting the Secure Connection (Lock) Icon
Communicating User Guidelines
Please consider selecting from the guidelines for communication with your VPN users, or use this section as a reference when responding to user requests for guidance. The following topics are covered:
•
Using the AnyConnect CLI Commands to Connect (Standalone Mode)
•
Using the AnyConnect CLI Commands to Connect (Standalone Mode)
The Cisco AnyConnect VPN Client provides a CLI for users who prefer to issue commands instead of using the graphical user interface. The following sections describe how to launch the CLI command prompt.
For Windows
To launch the CLI command prompt and issue commands on a Windows system, locate the file vpncli.exe in the Windows folder C:\Program Files\Cisco\Cisco AnyConnect VPN Client. Double-click the file vpncli.exe.
For Linux and Mac OS X
To launch the CLI command prompt and issue commands on a Linux or Mac OS X system, locate the file vpn in the folder /opt/cisco/vpn/bin/. Execute the file vpn.
You can run the CLI in interactive mode, in which it provides its own prompt, or you can run it with the commands on the command line. Table 7-1 shows the CLI commands.
The following examples show the user establishing and terminating a connection from the command line:
Windows
connect 209.165.200.224Establishes a connection to a security appliance with the address 209.165. 200.224. After contacting the requested host, the AnyConnect client displays the group to which the user belongs and asks for the user's username and password. If you have specified that an optional banner be displayed, the user must respond to the banner. The default response is n, which terminates the connection attempt. For example:
VPN> connect 209.165.200.224>>contacting host (209.165.200.224) for login information...>>Please enter your username and password.Group: testgroupUsername: testuserPassword: ********>>notice: Please respond to banner.VPN>STOP! Please read. Scheduled system maintenance will occur tonight from 1:00-2:00 AM for one hour. The system will not be available during that time.accept? [y/n] y>> notice: Authentication succeeded. Checking for updates...>> state: Connecting>> notice: Establishing connection to 209.165.200.224.>> State: Connected>> notice: VPN session established.VPN>statsDisplays statistics for the current connection; for example:
VPN> stats[ Tunnel Information ]Time Connected: 01:17:33Client Address: 192.168.23.45Server Address: 209.165.200.224[ Tunnel Details ]Tunneling Mode: All TrafficProtocol: DTLSProtocol Cipher: RSA_AES_256_SHA1Protocol Compression: None[ Data Transfer ]Bytes (sent/received): 1950410/23861719Packets (sent/received): 18346/28851Bypassed (outbound/inbound): 0/0Discarded (outbound/inbound): 0/0[ Secure Routes ]Network Subnet0.0.0.0 0.0.0.0VPN>disconnectCloses a previously established connection; for example:
VPN> disconnect>> state: Disconnecting>> state: Disconnected>> notice: VPN session ended.VPN>quit or exit
Either command exits the CLI interactive mode; for example:
quitgoodbye>>state: DisconnectedLinux or Mac OS X
/opt/cisco/vpn/bin/vpn connect 1.2.3.4Establishes a connection to a security appliance with the address 1.2.3.4.
/opt/cisco/vpn/bin/vpn connect some_asa_aliasEstablishes a connection to a security appliance by reading the profile and looking up the alias some_asa_alias in order to find its address.
/opt/cisco/vpn/bin/vpn statsDisplays statistics about the vpn connection.
/opt/cisco/vpn/bin/vpn disconnectDisconnect the vpn session if it exists.
Logging Out
Security note: Always log out when you finish your session. Logging out is especially important when you are using a public computer such as in a library or Internet cafe. If you do not log out, someone who uses the computer next could access your files. Don't risk the security of your organization! Always log out.
Setting the Secure Connection (Lock) Icon
The Lock icon indicates a secure connection. Windows XP automatically hides this icon among those that have not been recently used. Users can prevent Windows XP from hiding this icon by following this procedure:
Step 1
Step 2
Step 3