We have 3 VPN concetrators and an ASA 5520. My first question is, can we do SSL VPN with a Cisco ASA now? Do I need any specific Cisco software to accomplish this? And does it come with a product similar to host checker so one can perform NAC functions?
Second, is there an application out there that will convert a Cisco VPN Concentrator 3060 configuration to Cisco ASA 5520 configuration?
I appreciate all the time and effort you all put into this and thank you for all teh help in the past.
there are a few but sparse documents, describing how to migrate remote access VPN from 3000 concentrators to ASA but the good news is that the main concepts didn't change a lot. A google search of "site:cisco.com migrating remote access vpn from concentrator to ASA will help a lot.
I have to admit I'm not aware of any tool that would convert the config directly, I'm afraid you would need to build the new config yourself.
SSL VPNs are covered on the ASA even with more features than the original concentrator features but only two simultanous connections are included in the standard licences, upgrades can be purchased.
You do not need any special software for SSL VPNs, only the number of simultanous connections is an issue. ASA supports alls variants of Cisco SSL VPNs: clientless (portal, but with enhanced features), thin client (port redirect), CSD (Cisco Secure Desktop) and Cisco Anyconnect.
NAC is also supported from the first version (7.0).
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...