Enabling Anyconnect Keepalives - Cisco 5505 - ASA Firewall Edition Bundle Administrator's Manual

Configuring, Enabling, and Using Other AnyConnect Features
hostname(config-group-policy)# webvpn
hostname(config-group-policy)# svc dpd-interval gateway 30
hostname(config-group-policy)# svc dpd-interval client 10

Enabling AnyConnect Keepalives

You can adjust the frequency of keepalive messages to ensure that an AnyConnect client or SSL VPN
connection through a proxy, firewall, or NAT device remains open, even if the device limits the time that
the connection can be idle. Adjusting the frequency also ensures that the client does not disconnect and
reconnect when the remote user is not actively running a socket-based application, such as Microsoft
Outlook or Microsoft Internet Explorer.
To set the frequency of keepalive messages, use the svc keepalive command from group-policy webvpn
or username webvpn configuration mode:
In the following example, the security appliance is configured to enable the client to send keepalive
messages with a frequency of 300 seconds (5 minutes), for the existing group-policy sales:
hostname(config)# group-policy sales attributes
hostname(config-group-policy)# webvpn
hostname(config-group-webvpn)# svc keepalive 300
Cisco AnyConnect VPN Client Administrator Guide
6-8
[no] svc keepalive {none | seconds}
none disables client keepalive messages.
seconds enables the client to send keepalive messages, and specifies the frequency of the messages
in the range of 15 to 600 seconds.
The default is keepalive messages are disabled.
Use the no form of the command to remove the command from the configuration and cause the value
to be inherited:
Chapter 6 Configuring AnyConnect Features Using CLI
OL-12950-012