Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Included personal firewall on VPN client

Hi, a quick question about the Cisco VPN client (3.5 and later). Is it possible to use the integrated firewall on VPN client without the VPN30XX concentrator or only the concentrator is able to make a firewall policy for the VPN client and make it work?

Cisco Employee

Re: Included personal firewall on VPN client

The VPN client does have a personal firewall built into it now, this firewall can be enabled all the time, or just when a tunnel is built. Currently only the VPN3000 concentrator can actually push a firewall policy to the client.

If all you want though, is to deny access to the PC except for PC-initiated connections (no-one from outside can initiate a connection to the PC), then this is the standard policy and can be enabled just by selecting the "Stateful Firewall Always On" menu option within the client, no head-end concentrator is needed.