Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Anyconnect(WebVPN) client uninstall setup

How do I configure the ASA so that when a client connects from a public computer, such as from a library, that the client will be removed from the PC upon logout and any resident information is scrubbed?  What does the Anyconnect keep-installer command do?

3 REPLIES
Hall of Fame Super Silver

Anyconnect(WebVPN) client uninstall setup

I don't think you can control that remotely. Many public terminals will not even allow a guest user to install programs. Those that do often have third party software to wipe the image clean after logoff (independent of anything you as a provider of a remote service such as you are providing via AnyConnect).

"keep-installer" makes sure the intallation is permanent (i.e. unable to be uninstalled by the client).

I'd suggest looking into Clientless SSL VPN for such an use case.

New Member

Anyconnect(WebVPN) client uninstall setup

What is the difference between Anyconnect and Clientless SSL? They both use the same license, dont they? Both are configured under webvpn.

Hall of Fame Super Silver

Anyconnect(WebVPN) client uninstall setup

With clientless SSL VPN you typically "publish" a subset of your enterprise services (internal websites, mail, file shares, etc.) via your ASA. It does not require installation of AnyConnect software client at all. Once the user logs out (from within the browser) a subsequent user of the public terminal would need to re-authenticate to reach the protected resources.

This link explains more.

Regarding licensing, an "AnyConnect Premium" license is require to allow Clientless SSL VPN.

573
Views
0
Helpful
3
Replies