×

Warning message

  • Cisco Support Forums is in Read Only mode while the site is being migrated.
  • Cisco Support Forums is in Read Only mode while the site is being migrated.

ipsec vpn client

Unanswered Question
Dec 4th, 2013
User Badges:

Hi,


We would be setting up an remote access ipsec vpn on asa & following the cisco documentation on it.

But, can we just download any vpn client available on cisco site to be installed at users laptop or is there any specific ones we need to look at.



Thanks in advance.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Jouni Forss Wed, 12/04/2013 - 05:53
User Badges:
  • Super Bronze, 10000 points or more

Hi,


If you are referring to the old IPsec VPN client then naturally go for the latest version (5.x) for your operating systems. You should need a service contract to download those.


Using the old VPN Client instead of AnyConnect probably isnt a good long term solution but should still work.



- Jouni

suthomas1 Wed, 12/04/2013 - 06:37
User Badges:

Thanks.


But if we were to use anyconnect instead of old vpn, i believe we will need to setup SSL VPN on the asa. Please correct if wrong

& we have some limitations on the anyconnect license.

Jouni Forss Wed, 12/04/2013 - 06:45
User Badges:
  • Super Bronze, 10000 points or more

Hi,


Yes, AnyConnect is a SSL VPN Client though to my understanding you can do IKEv2 but that requires the use of certificates. I am hopelessly lost with regards to that kind of setup as I have never even tried it nor have I ever used certificates with VPN connections.


The default ASA only contains license for 2 SSL VPN Client or 2 SSL Clientless VPN users. AnyConnect Essentials is required to be able to use the SSL VPN Client. AnyConnect Premium is to my understanding required if you want to do both SSL VPN Client and SSL Clientless.


Here are some additionals links with regards to SSL VPNs


http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect31/feature/guide/anyconnect31features.html


http://packetpushers.net/cisco-asa-licensing-explained/


- Jouni

suthomas1 Wed, 12/04/2013 - 07:00
User Badges:

Thanks Joni.

I guess in our case due to limitations, we have to stick with remote vpn using usual vpn client.

Actions

This Discussion