I am a bit confused. What's difference between Anyconnect Essential(L-ASA-AC-E-5510=) and SSL VPN licenses(L-ASA-SSL-PR-25=)? I am trying to serve following goal and bit confused about what to purchase.
1. Allow users to VPN in via SSL and telnet to the unix system.
2. Allow users to use RDP sessions once connected to the windows system.
3. Allow users to let their outlook connect to exchange server once connected.
I need a solution that would download the client(just point browser to https://x.x.x.x) and let the client gets pushed out. I also need another VPN profile that uninstalls any downloaded client when disconnected. The second profile is for travelling people who uses public PC.
Also, do I need Anyconnect Mobile license if wanted to use iPhone or iPad to access the SSL vpn url?
Any reply would be greatly appreciated.
The clients that you mentioned are only for client-based VPN connections.
Client-based VPN connections are two types:
1. IPsec client --> requires the IPsec client
2. SSL-based client ---> requires the AnyConnect
SVC used to be the old version of AnyConnect (not used anymore).
It was supported only in version 7 of the ASA not 8.
For SSL connections:
Client-based --> Need AnyConnect in Flash
Client-less --> No need for any client (browser is in charge of managing the HTTPS connection).
Clientless SSL means that you establish an SSL tunnel to the ASA without a client (AnyConnect).
In other words, the remote computer needs only a browser to establish the secure connection via HTTPS and have access to a web potal that can redirect access to the internal resources. This type of connection (clientless) allows for access to web applications and via port-forwarding you can enable access to other TCP applications.
When you need full network access (emulating the IPsec VPN client) you require the Client-based SSL connection (AnyConnect).
This does not require a webportal, instead provides with complete full network access.
If you use AnyConnect, the client can be pushed from the ASA to the client via the HTTPS connection (and kept on the remote system or removed) depending on the configuration.
If you're looking for a remote SSL connection that can access a portal and log via telnet/RDP you can use clientless SSL with port forwarding.
If you want the remote clients to have full network access (just like if they are sitting in the local network), you will require the AnyConnect.