11-25-2010 02:37 PM
I am an independent contractor in need of the Cisco VPN Client for both Windows and Mac. Last I recall (circa 2006) both of these were free and readily avaialble but apparently one must now be a Cisco Partner if I understand correctly.
I have no need to become a Cisco Partner but my customer needs me to log in remotely.
Any advice on how I can obtain these Clients?
Thanks,
Richard
12-08-2010 06:43 AM
Thanks Rick.
>Or another alternative would be to work from the GUI. on the ASA the GUI is ASDM. If it is not the ASA then what device are you asking about?
It is the ASA-5505. I have the Cisco VPN Client and would like to work with a GUI which I now know is the ASDM. I thought perhaps one could, once connected via the Cisco VPN Client, administer the 5505 via HTTP or web browser if you will.
Sorry for any confusion! Your assistnace is greatly apprecaited.
Rich
12-08-2010 07:19 AM
Rich
Ok if it is the ASA that you want to administer then here are a couple points that may be helpful.
- make sure that the ASA is configured to use ASDM. there is a config command that points to the ASDM code file name.
- the ASA configuration specifies address ranges from which it will accept web based management connections. make sure that it is configured to accept your management connection attempt.
- ASDM is java based, and operates on TCP 443 (looks like HTTPS). There is an option to install it on your PC and an option to load and run it when you connect to the ASA.
- you can get ASDM from the ASA. use your browser and go to https://
this should give you the options to install the applet or to load and run the applet.
HTH
Rick
12-08-2010 08:48 AM
Rick,
Absolutely outstanding, thank you very much!
Rich
12-08-2010 07:26 PM
Greetings,
It went very well today - was able to get into the Cisco ASA-5505 using ASDM and thanks for your help.
Once into the FW while on-site I was able to confirm that VPN access is enabled. I created a VPN account for myself with a Priv Level of 0 (as other Users have so as to replicate what they are seeing) yet for whatever reasons when home I am unable to see the network (Workgroup) of systems even though I am able to Map a drive and can ping internal devices.
The other issue is that I am unable to log into the FW remotely and am not certain why.
Any further guidance as to why the network of Users systems are not showing up from home would be greatly appreciated!
On a side note, should the Priv Level be higher for administration purposes?
Best,
Rich
12-09-2010 06:05 AM
Rich
Setting the privilege level of VPN users to 0 would allow them to authenticate on the ASA and to use VPN to access resources within the network and would prevent them from doing much of anything (especially would prevent them from making any changes) on the ASA itself. As an administrator you certainly should have a privilege level greater than 0. In general administrators should have privilege level of 15.
Perhaps you can clarify the issue about not being able to login to the ASA remotely? How are you attempting to login remotely? Is it telnet, or SSH, or ASDM, or something else? As I mentioned in a previous post, the ASA permits and denies administrative access (telnet, SSH, ASDM) based on configuration statements which permit access from specified IP addresses (or subnets or networks) on specified interfaces. If you are in privilege mode on the command line of the ASA you could use these commands to see what is configured
show run | include telnet
show run | include ssh
show run | include http
HTH
Rick
12-10-2010 05:48 PM
Thank you again for the excellent information.
If I can bother someone once more, while I am able to remotely map a drive I am unable to browse any systems on the Network when remote. Any thoughts as to why?
Thanks again,
Rich
12-10-2010 06:02 PM
Most probably, it is going to be a configuration issue on the VPN server. All configuration is pushed from VPN server towards the VPN Client when you are connecting from your vpn client.
Can you check if the VPN server has been configured to allow access to browse those systems on the corporate network?
12-10-2010 06:04 PM
Jennifer,
Thank you again. You're referring to the ASA-5505?
Thank you!
12-10-2010 06:05 PM
yes, correct.
12-10-2010 06:10 PM
Will do, and thank you! If not pre-existing, would a rule have to be created for this or would there be in effect a selection box?
Thanks again.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide