AC Group Policy

Create/Edit Group policy

In AnyConnect the Group Policy is referenced by VPN connection profiles and User accounts. Basic information like IP Pool Assignment, tunneling protocols, restrictions, proxy setup etc. can be configured via Group Policy. By default most of the setting in a Group policy is defined as “Inherit”. If no criteria is defined in the Group Policy, it picks up the information from the profiles.

 To create a Group Policy:-

Connect to the ASA using ASDM and select Configuration > Remote Access VPN > Network (Client) Access > Group Policies.

 In the new Group Policy, give it a name and configure parameters like Banner value, tunneling protocols, access hours, restrictions etc, in general option.

In the Server option of that Group Policy, add DNS, WNS, domain entry etc.

In the Advanced option, add proxy settings that will be pushed to the clients’ browsers.

In the “AnyConnect Client” option, we can add the profile that can be downloaded to the user system whenever the user connects to this VPN device. So if we need to push an edited profile, we can have this automatically downloaded to the users system.

 Note:- On clicking “Add” you will be able to choose from an already existing profile.

This group policy can now be assigned to a Connection Profile