1-16
Cisco ASA Series CLI Configuration Guide
Chapter 1 Configuring AnyConnect VPN Client Connections
Configuring AnyConnect Connections
Step 1 Create the custom attributes with the anyconnnect-custom-attr command in webvpn configuration
mode:
[no] anyconnect-custom-attr attr-name [description description]
The following example shows how to add the custom attribute DeferredUpdateAllowed:
hostname(config)# webvpn
hostame(config-webvpn)# anyconnect-custom-attr DeferredUpdateAllowed description
"Indicates if the deferred update feature is enabled or not"
Step 2 Add or remove the custom attributes to a group policy, and configure values for each attribute, using the
anyconnect-custom command:
anyconnect-custom attr-name value value
no anyconnect-custom attr-nam
The following example shows how to enable Deferred Update for the group policy named sales:
Table 1-1 Custom Attributes for Deferred Upgrade
Custom Attribute
Valid
Values
Default
Valu e Note s
DeferredUpdateAll
owed
true
false
false True enables deferred update. If deferred update is
disabled (false), the settings below are ignored.
DeferredUpdateMin
imumVersion
x.y.z 0.0.0 Minimum version of AnyConnect that must be installed
for updates to be deferrable.
The minimum version check applies to all modules
enabled on the headend. If any enabled module
(including VPN) is not installed or does not meet the
minimum version, then the connection is not eligible for
deferred update.
If this attribute is not specified, then a deferral prompt is
displayed (or auto-dismissed) regardless of the version
installed on the endpoint.
DeferredUpdateDis
missTimeout
0-300
(seconds)
none
(disabled)
Number of seconds that the deferred upgrade prompt is
displayed before being dismissed automatically. This
attribute only applies when a deferred update prompt is
to be displayed (the minimum version attribute is
evaluated first).
If this attribute is missing, then the auto-dismiss feature
is disabled, and a dialog is displayed (if required) until
the user responds.
Setting this attribute to zero allows automatic deferral or
upgrade to be forced based on:
• The installed version and the value of
DeferredUpdateMinimumVersion.
• The value of DeferredUpdateDismissResponse.
DeferredUpdateDis
missResponse
defer
update
update Action to take when DeferredUpdateDismissTimeout
occurs.
To Next Page
Loading...
Need help?
General
