I am an independent contractor in need of the Cisco VPN Client for both Windows and Mac. Last I recall (circa 2006) both of these were free and readily avaialble but apparently one must now be a Cisco Partner if I understand correctly.
I have no need to become a Cisco Partner but my customer needs me to log in remotely.
Any advice on how I can obtain these Clients?
I would advise you to obtain the installation package from your customer. If they are already using the VPN Client, that means they would already have the installation package or they would have access to download the software from Cisco or through their Partner.
Unfortunately the client is unable to locate the VNC software.
If Cisco is provided with the S/N of the Unit (or other info as needed), from whom can the VNC Client be obtained?
Here is the link to download Cisco VPN Client sofware:
Please kindly note that you would need to have a CCO ID that entitles you to download software from cisco.com site to be able to download the software.
Hope that helps.
Thanks Jen, it helps very much indeed.
>Please kindly note that you would need to have a CCO ID that entitles you to download software from cisco.com site to be able to download the software.
I take it the customer will have this? I am unfamillar with the term "CCO ID".
They did have a CD that shipped with the ASA-5505 but are unable to locate it. Can (and how) is another copy obtainable?
Again, thank you.
You can obtain all software from cisco.com website, however, you will need to have a cisco.com ID (CCO ID) that is linked to a Smartnet contract to be able to download software.
I assume the customer should have one.
CCO ID = Cisco User ID.
I have that but only in so much as it will allow me to log into the Site, Forums, etc. I take it that it is more than that?
I think that it is fairly clear that Richard (or Lyman or whoever is posting as the ID changes) does not have download privileges from CCO. So the question becomes does their client have a maintenance contract that would allow them to download software? If the client does have download privileges, then the client could download the software and provide it to them. If the client does not have a maintenance contract then perhaps the client should think about purchasing a maintenance contract.
Thank you both. 'Rich' is a nickname.
I had been told that a CD shipped with the ASA-5505 and that the CD included the Cisco VPN Client. Is this correct? If not, then it is pointless to look for the CD soley for the purpose of the VPN Software.
Typically the ASA 5505 does ship with a CD that includes the VPN client. If the customer can find the CD then that is the easy solution. If the customer does not find the CD then what we have been talking about are alternatives to be able to download copies of the VPN client that depend on having a maintenance contract (SmartNet) that would include code download privileges.
Once you're connected with the Cisco VPN Client, what interface is used to work with the device? I.e., a web browser?
I am not clear what you are really asking here. Your original post talked about needing the VPN client so that you could connect to an ASA at a customer site. The VPN connection could give you access to any device within the customer network. If you are talking about accessing the ASA and working with it then there are several options depending on how the ASA has been configured. One possibility is to telnet to the ASA and work with the command line interface on the ASA. A better (more secure) alternative would be to SSH to the ASA and work with the command line interface. Or another alternative would be to work from the GUI. on the ASA the GUI is ASDM. If it is not the ASA then what device are you asking about?
>Or another alternative would be to work from the GUI. on the ASA the GUI is ASDM. If it is not the ASA then what device are you asking about?
It is the ASA-5505. I have the Cisco VPN Client and would like to work with a GUI which I now know is the ASDM. I thought perhaps one could, once connected via the Cisco VPN Client, administer the 5505 via HTTP or web browser if you will.
Sorry for any confusion! Your assistnace is greatly apprecaited.
Ok if it is the ASA that you want to administer then here are a couple points that may be helpful.
- make sure that the ASA is configured to use ASDM. there is a config command that points to the ASDM code file name.
- the ASA configuration specifies address ranges from which it will accept web based management connections. make sure that it is configured to accept your management connection attempt.
- ASDM is java based, and operates on TCP 443 (looks like HTTPS). There is an option to install it on your PC and an option to load and run it when you connect to the ASA.
- you can get ASDM from the ASA. use your browser and go to https://
this should give you the options to install the applet or to load and run the applet.
It went very well today - was able to get into the Cisco ASA-5505 using ASDM and thanks for your help.
Once into the FW while on-site I was able to confirm that VPN access is enabled. I created a VPN account for myself with a Priv Level of 0 (as other Users have so as to replicate what they are seeing) yet for whatever reasons when home I am unable to see the network (Workgroup) of systems even though I am able to Map a drive and can ping internal devices.
The other issue is that I am unable to log into the FW remotely and am not certain why.
Any further guidance as to why the network of Users systems are not showing up from home would be greatly appreciated!
On a side note, should the Priv Level be higher for administration purposes?
Setting the privilege level of VPN users to 0 would allow them to authenticate on the ASA and to use VPN to access resources within the network and would prevent them from doing much of anything (especially would prevent them from making any changes) on the ASA itself. As an administrator you certainly should have a privilege level greater than 0. In general administrators should have privilege level of 15.
Perhaps you can clarify the issue about not being able to login to the ASA remotely? How are you attempting to login remotely? Is it telnet, or SSH, or ASDM, or something else? As I mentioned in a previous post, the ASA permits and denies administrative access (telnet, SSH, ASDM) based on configuration statements which permit access from specified IP addresses (or subnets or networks) on specified interfaces. If you are in privilege mode on the command line of the ASA you could use these commands to see what is configured
show run | include telnet
show run | include ssh
show run | include http
Thank you again for the excellent information.
If I can bother someone once more, while I am able to remotely map a drive I am unable to browse any systems on the Network when remote. Any thoughts as to why?
Most probably, it is going to be a configuration issue on the VPN server. All configuration is pushed from VPN server towards the VPN Client when you are connecting from your vpn client.
Can you check if the VPN server has been configured to allow access to browse those systems on the corporate network?
Will do, and thank you! If not pre-existing, would a rule have to be created for this or would there be in effect a selection box?