Chapter 38
Configuring AnyConnect VPN Client Connections
Using Compression
Compression increases the communications performance between the security appliance and the client
by reducing the size of the packets being transferred for low-bandwidth connections. By default,
compression for all SSL VPN connections is enabled on the security appliance, both at the global level
and for specific groups or users.
Compression must be turned-on globally using the compression svc command from global
configuration mode, and then it can be set for specific groups or users with the svc compression
command in group-policy and username webvpn modes.
Changing Compression Globally
To change the global compression settings, use the compression svc command from global
configuration mode:
To remove the command from the configuration, use the no form of the command.
In the following example, compression is disabled for all SSL VPN connections globally:
hostname(config)# no compression svc
Changing Compression for Groups and Users
To change compression for a specific group or user, use the svc compression command in the
group-policy and username webvpn modes:
By default, for groups and users, SSL compression is set to deflate (enabled).
To remove the svc compression command from the configuration and cause the value to be inherited
from the global setting, use the no form of the command:
In the following example, compression is disabled for the group-policy sales:
hostname(config)# group-policy sales attributes
hostname(config-group-policy)# webvpn
hostname(config-group-webvpn)# svc compression none
Adjusting MTU Size
You can adjust the MTU size (from 256 to 1406 bytes) for SSL VPN connections established by the
client with the svc mtu command from group policy webvpn or username webvpn configuration mode:
This command affects only the AnyConnect client. The legacy Cisco SSL VPN Client (SVC) is not
capable of adjusting to different MTU sizes.
The default for this command in the default group policy is no svc mtu. The MTU size is adjusted
automatically based on the MTU of the interface that the connection uses, minus the IP/UDP/DTLS
overhead.
This command affects client connections established in SSL and those established in SSL with DTLS.
OL-12172-03
compression svc
no compression svc
svc compression {deflate | none}
no svc compression {deflate | none}
[no] svc mtu size
Configuring Advanced SSL VPN Features
Cisco Security Appliance Command Line Configuration Guide
38-15