LS,
What is the best way to configure RDM with a Cisco AnyConnect using a jump host?
Just to clarify, do you want to use AnyConnect before or after the jump?
Before
Local PC => AnyConnect => RDP => Jumped session
After
Local PC => RDP => Jumped AnyConnect => Jumped session
Thanks
Stéfane Lavergne
Stefane,
After the jump
Local PC => RDP => Jumped AnyConnect => Jumped session
Sebastian,
This is a great Jump scenario. I'm assuming you've read the following: "How to Configure Remote Desktop Manager Jump".
For the Jump Host nothing changes: an RDP session marked as "Is Jump Host".
As for the "jumped session" RDP (or other session type), make sure you configure the Jump Host to be the session defined above. Now configure the VPN settings to your AnyConnect VPN or link it to an existing AnyConnect VPN session.
How will this work? RDM will package the jumped session along with the AnyConnect information, open the Jump Host, pass all the information along and let the Jump Host take care of opening the VPN, then the session.
Note: AnyConnect must be installed on the Jump Host machine/VM for it to work.
Note 2: You may need to configure RDM on the Jump Host to map the AnyConnect install path if the install path isn't yet specified or not in its default location.
Let me know if that works for you.
Best regards,
Stéfane Lavergne
Stefane,
This is how we configured RDM for the jump host.
VMW095 is our jump host.
server3 is the RDP with an AnyConnect connection in it and is set for Jump session vmw095.
I click open session for server3 and the jump to vmw095 is started. On the jump I see that it is setting up the connection for AnyConnect, but then I get the error "Unable to open the VPN connection, do you want to continue?".
Can it be that you cannot set up an AnyConnect connection inside an RDP and that it only works if you are doing this locally on your computer or if you are using a console session?
Stefane,
An update: see the link below to get AnyConnect to work in an RDP. This is something that has to be changed on the customer's side.
http://serverfault.com/questions/518771/cisco-anyconnect-vpn-establishment-capability-from-a-remote-desktop-is-disabled
Sebastiaan,
It looks like you got it working. Let me know if you need assistance.
Best regards,
Stéfane Lavergne
Stefane,
It's not working. Our clients do not want to change the settings on the ASA and they want to know if it can be done another way.
Hi Sebastiaan,
Unfortunately, there is nothing else we can do since Jump is only supported via RDP. Therefore, your only option would be to change the setting to enable it in ASA.
Best regards,
Stéfane Lavergne