https://community.cisco.com/t5/network-security/implementing-remote-access-vpn-in-secure-firewall-in-evaluation/m-p/5336203#M1123049 <P>Thanks a lot. Very informative...&nbsp;I appreciate the help.</P> Mon, 06 Oct 2025 14:41:58 GMT rezaalikhani 2025-10-06T14:41:58Z https://community.cisco.com/t5/network-security/implementing-remote-access-vpn-in-secure-firewall-in-evaluation/m-p/5335663#M1123023 <P data-start="131" data-end="152"><STRONG data-start="131" data-end="150">Hello everyone,</STRONG></P> <P data-start="154" data-end="284">I would like to know if it is possible to implement Remote Access VPN on Cisco Secure Firewall while running in Evaluation Mode?</P> <P data-start="154" data-end="284">I have already completed all the required configuration steps and enabled <STRONG>IPsec/IKEv2</STRONG> with the <STRONG>DES</STRONG> algorithm. However, when the client attempts to connect to the firewall remotely, it encounters the following event:</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="rezaalikhani_0-1759490051056.png" style="width: 999px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/252957iE5A01427124C0ADC/image-size/large?v=v2&amp;px=999" role="button" title="rezaalikhani_0-1759490051056.png" alt="rezaalikhani_0-1759490051056.png" /></span></P> <P>Any ideas?</P> <P>Thanks</P> <P>&nbsp;</P> Fri, 03 Oct 2025 11:15:53 GMT https://community.cisco.com/t5/network-security/implementing-remote-access-vpn-in-secure-firewall-in-evaluation/m-p/5335663#M1123023 rezaalikhani 2025-10-03T11:15:53Z https://community.cisco.com/t5/network-security/implementing-remote-access-vpn-in-secure-firewall-in-evaluation/m-p/5335697#M1123032 <P>The web portal (for client services) will require strong encryption for SSL/TLS to securely negotiate with any modern browser. For that you will need a registered license associated with a Smart License account.</P> <P>You can get a registered evaluation license - either via your partner or (if you are a partner yourself) directly from Cisco via a Global Virtual Engineering (GVE) request.</P> Fri, 03 Oct 2025 14:11:47 GMT https://community.cisco.com/t5/network-security/implementing-remote-access-vpn-in-secure-firewall-in-evaluation/m-p/5335697#M1123032 Marvin Rhoads 2025-10-03T14:11:47Z https://community.cisco.com/t5/network-security/implementing-remote-access-vpn-in-secure-firewall-in-evaluation/m-p/5336182#M1123047 <P><a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/146869">@rezaalikhani</a>&nbsp;please note further that when the Secure Client negotiates the SSL/TLS handshake with a VPN headend, it will propose 22 supported cipher suites (see below). What they all have in common is that they all use AES128 or AES256. If the headend does not have a license from Cisco, it will not support AES of any type and thus the error you cited will appear.</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="MarvinRhoads_0-1759755839144.png" style="width: 981px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/253098i13C980BDB39C2480/image-dimensions/981x734?v=v2" width="981" height="734" role="button" title="MarvinRhoads_0-1759755839144.png" alt="MarvinRhoads_0-1759755839144.png" /></span></P> <P>&nbsp;</P> Mon, 06 Oct 2025 14:41:41 GMT https://community.cisco.com/t5/network-security/implementing-remote-access-vpn-in-secure-firewall-in-evaluation/m-p/5336182#M1123047 Marvin Rhoads 2025-10-06T14:41:41Z https://community.cisco.com/t5/network-security/implementing-remote-access-vpn-in-secure-firewall-in-evaluation/m-p/5336203#M1123049 <P>Thanks a lot. Very informative...&nbsp;I appreciate the help.</P> Mon, 06 Oct 2025 14:41:58 GMT https://community.cisco.com/t5/network-security/implementing-remote-access-vpn-in-secure-firewall-in-evaluation/m-p/5336203#M1123049 rezaalikhani 2025-10-06T14:41:58Z