01-31-2008 12:40 PM - edited 02-21-2020 03:31 PM
I see EOL messages on the VPN Concentrators homepage. Are these being replaced with ASA 5500 devices?
Second question, then will the ASA 5500 VPN editions support Vista Clients with some type of Mandatory Client Firewall Enabled Detection Policy?
Meaning, you require Vista to have a firewall enabled before it connects to your network via VPN. Otherwise, its a big gaping hole in your network.
01-31-2008 07:49 PM
Yes, VPN3000's are being replaced by the ASAs.
Regarding client firewall, I think you are talking about the Push Policy or Central Protection Policy (CPP).
http://www.cisco.com/en/US/docs/security/asa/asa72/configuration/guide/vpngrp.html#wp1182773
Regards,
Arul
** Please rate all helpful posts **
02-01-2008 12:17 PM
02-01-2008 12:23 PM
Awesome thanks for the screenshot. And this is the built in windows Vista Firewall that this is talking about? Or some ASA specific software VPN client for Vista?
02-01-2008 12:30 PM
No, it doesn't list the Windows firewall specifically but does allow you to configure some custom properties (see attached).
Also, keep in mind that unless you're doing split tunneling, the firewall doesn't add that much more value (I would argue against that though if the user isn't behind a hardware based firewall).
02-01-2008 12:36 PM
Great! thanks for the information and the screen shots. Thats a big help.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide