cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
582
Views
0
Helpful
1
Replies

Cisco ASA upgrade - enabling Umbrella Roaming Client

Hello Experts 


Looking to upgrade Cisco ASA code to asa9-14-4-23-smp-k8.bin and associated ASDM. 
We are also planning to enable Umbrella roaming client option within AnyConnect Package provisioned through ASA. 

Want to confirm, do I need to anything else than adding these commands. Does it has to be in default Policy ? or it can be in other policy ?

webvpn

anyconnect profiles OrgInfo disk0:/OrgInfo.json

group-policy DfltGrpPolicy attribute

webvpn

anyconnect profiles value OrgInfo type umbrella

Also want to update ASA sfr module, do not know how to do it ?  do I need to update FMC module along with it or its optional ?

 

Thanks

 

1 Reply 1

@LovejitSingh130013 you need to configure the group-policy that is in use, so it depends on how you've configured your tunnel-group. Run "show vpn-sessiondb detail anyconnect" find an active session and determine the group-policy assigned to the users' session.

To upgrade your SFR module refer to the upgrade guide - https://www.cisco.com/c/en/us/td/docs/security/asa/upgrade/asa-upgrade/firepower-fmc.html

You will need to determine whether your hardware supports an SFR upgrade, refer to the compatibility section - https://www.cisco.com/c/en/us/td/docs/security/asa/upgrade/asa-upgrade/planning.html

The FMC will need to be running the intended version of the FPR module or higher, so you many need to check whether the FMC needs upgrading.

 

Review Cisco Networking for a $25 gift card