Cisco AnyConnect VPN Client Administrator Guide, Release 2.4
Communicating User Guidelines
Downloads: This chapterpdf (PDF - 106.0KB) The complete bookPDF (PDF - 3.47MB) | Feedback

Communicating User Guidelines

Table Of Contents

Communicating User Guidelines

Using the AnyConnect CLI Commands to Connect (Standalone Mode)

Logging Out

Setting the Secure Connection (Lock) Icon


Communicating User Guidelines


Please consider selecting from the guidelines for communication with your VPN users, or use this section as a reference when responding to user requests for guidance. The following topics are covered:

Using the AnyConnect CLI Commands to Connect (Standalone Mode)

Logging Out

Setting the Secure Connection (Lock) Icon

Using the AnyConnect CLI Commands to Connect (Standalone Mode)

The Cisco AnyConnect VPN Client provides a CLI for users who prefer to issue commands instead of using the graphical user interface. The following sections describe how to launch the CLI command prompt.

For Windows

To launch the CLI command prompt and issue commands on a Windows system, locate the file vpncli.exe in the Windows folder C:\Program Files\Cisco\Cisco AnyConnect VPN Client. Double-click the file vpncli.exe.

For Linux and Mac OS X

To launch the CLI command prompt and issue commands on a Linux or Mac OS X system, locate the file vpn in the folder /opt/cisco/vpn/bin/. Execute the file vpn.

You can run the CLI in interactive mode, in which it provides its own prompt, or you can run it with the commands on the command line. Table 7-1 shows the CLI commands.

Table 7-1 AnyConnect Client CLI Commands

Command
Action

connect IP address or alias

Client establishes a connection to a specific security appliance.

disconnect

Client closes a previously established connection.

stats

Displays statistics about an established connection.

quit

Exits the CLI interactive mode.

exit

Exits the CLI interactive mode.


The following examples show the user establishing and terminating a connection from the command line:

Windows

connect 209.165.200.224

Establishes a connection to a security appliance with the address 209.165. 200.224. After contacting the requested host, the AnyConnect client displays the group to which the user belongs and asks for the user's username and password. If you have specified that an optional banner be displayed, the user must respond to the banner. The default response is n, which terminates the connection attempt. For example:

VPN> connect 209.165.200.224
	>>contacting host (209.165.200.224) for login information...
	>>Please enter your username and password.
Group: testgroup
Username: testuser
Password: ********
	>>notice: Please respond to banner.
VPN> 
STOP! Please read. Scheduled system maintenance will occur tonight from 1:00-2:00 AM for 
one hour. The system will not be available during that time.

accept? [y/n] y
	>> notice: Authentication succeeded. Checking for updates...
	>> state: Connecting
	>> notice: Establishing connection to 209.165.200.224.
	>> State: Connected
	>> notice: VPN session established.
VPN>

stats

Displays statistics for the current connection; for example:

VPN> stats
[ Tunnel Information ]

	Time Connected:	01:17:33
	Client Address:	192.168.23.45
	Server Address:	209.165.200.224

[ Tunnel Details ]

	Tunneling Mode:	All Traffic
	Protocol: DTLS
	Protocol Cipher: RSA_AES_256_SHA1
	Protocol Compression: None

[ Data Transfer ]

	Bytes (sent/received): 1950410/23861719
	Packets (sent/received): 18346/28851
	Bypassed (outbound/inbound): 0/0
	Discarded (outbound/inbound): 0/0

[ Secure Routes ]

	Network			Subnet
	0.0.0.0			0.0.0.0
VPN>

disconnect

Closes a previously established connection; for example:

VPN> disconnect
	>> state: Disconnecting
	>> state: Disconnected
	>> notice: VPN session ended.
VPN>

quit or exit

Either command exits the CLI interactive mode; for example:

quit
goodbye
	>>state: Disconnected

Linux or Mac OS X

/opt/cisco/vpn/bin/vpn connect 1.2.3.4 

Establishes a connection to a security appliance with the address 1.2.3.4.

/opt/cisco/vpn/bin/vpn connect some_asa_alias

Establishes a connection to a security appliance by reading the profile and looking up the alias some_asa_alias in order to find its address.

/opt/cisco/vpn/bin/vpn stats

Displays statistics about the vpn connection.

/opt/cisco/vpn/bin/vpn disconnect     

Disconnect the vpn session if it exists.


Logging Out

Security note: Always log out when you finish your session. Logging out is especially important when you are using a public computer such as in a library or Internet cafe. If you do not log out, someone who uses the computer next could access your files. Don't risk the security of your organization! Always log out.

Setting the Secure Connection (Lock) Icon

The Lock icon indicates a secure connection. Windows XP automatically hides this icon among those that have not been recently used. Users can prevent Windows XP from hiding this icon by following this procedure:


Step 1 Go to the taskbar where the tray icons are displayed and right click the left angle bracket ( < ).

Step 2 Select Customize Notifications...

Step 3 Select Cisco Systems AnyConnect VPN Client and set to Always Show.