Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

Anyconnect VPN client question

Hello,

I'm looking into using the anyconnect VPN client, I saw a consultant I was working with connect to his work and use a java based VPN client which disappeared after he logged off.  I really want to use this, I have a Cisco ASA 5520 and I currently have it set up with users using the Cisco VPN client to connect, what do I need to get this anyconnect VPN client to work on my ASA.

  1. How do I know I'm licensed to do this?  My license key says I can do 750 VPN peers, but shared VPN licensing is disabled and anyconnect essentials is also disabled, does this mean I can't do it?
  2. When I go through the VPN wizard it asks for a digital cert, do I have to create one or do I have to buy one?
  3. Can you create different profiles for users as we currently have the Cisco VPN client so Sales, Finance and HR can only connect to there systems and IT can connect to all, how can this be done on the anyconnect client?

Thanks

3 REPLIES
Silver

Re: Anyconnect VPN client question

  1. How do I know I'm licensed to do this?  My license key says I can do 750 VPN peers, but shared VPN licensing is disabled and anyconnect essentials is also disabled, does this mean I can't do it?
In your show version you should see ssl vpn peers. By default it is 2. You can increase this number by purchasing the required ssl vpn license or Anyconnect essentials license. You can go through the doc below for licensing options

2. When I go through the VPN wizard it asks for a digital cert, do I have to create one or do I have to buy one?

You can either generate a self signed cert or a third party cert. Third party is usually trusted by clients ( well know CAs) and wont prompt you a cert warning when you connect. For using certs you can refer the below links:

3.Can you create different profiles for users as we currently have the Cisco VPN client so Sales, Finance and HR can only connect to there systems and IT can connect to all, how can this be done on the anyconnect client?

You can connect the users to different connection profiles using Anyconnect. The users will get a drop down menu for which tunnel group to connect to when they login. These tunnel groups can have their own group-policy based on the group they connect. Also you could use client profiles on individual PCs to connect to individual profiles. The profile is an xml file that is pushed from the ASA to the client the first time it connects to the right group-policy. The profile has to be uploaded on the ASA for it to be pushed. For more details on AC profiles:

http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect24/administration/guide/ac03features.html#wp1064149

Community Member

Re: Anyconnect VPN client question

Hi,

Thanks for your help, it says I can only do 2 SSL VPN peers, so does that mean just 2 users at anyone time can connect using the anyconnect VPN client?

Thanks

Silver

Re: Anyconnect VPN client question

yup,thats right. If you buy an ssl vpn license you can increase the same.

281
Views
0
Helpful
3
Replies
CreatePlease to create content