Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
294
Views
2
Helpful
3
Replies

Implementing Remote Access VPN in Secure Firewall in Evaluation Mode

Go to solution
rezaalikhani
VIP
VIP

‎10-03-2025 04:15 AM

Hello everyone,

I would like to know if it is possible to implement Remote Access VPN on Cisco Secure Firewall while running in Evaluation Mode?

I have already completed all the required configuration steps and enabled IPsec/IKEv2 with the DES algorithm. However, when the client attempts to connect to the firewall remotely, it encounters the following event:

rezaalikhani_0-1759490051056.png

Any ideas?

Thanks

 

0 Helpful
2 Accepted Solutions

Accepted Solutions

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-03-2025 07:11 AM

The web portal (for client services) will require strong encryption for SSL/TLS to securely negotiate with any modern browser. For that you will need a registered license associated with a Smart License account.

You can get a registered evaluation license - either via your partner or (if you are a partner yourself) directly from Cisco via a Global Virtual Engineering (GVE) request.

View solution in original post

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-06-2025 06:04 AM - edited ‎10-06-2025 07:41 AM

@rezaalikhani please note further that when the Secure Client negotiates the SSL/TLS handshake with a VPN headend, it will propose 22 supported cipher suites (see below). What they all have in common is that they all use AES128 or AES256. If the headend does not have a license from Cisco, it will not support AES of any type and thus the error you cited will appear.

MarvinRhoads_0-1759755839144.png

 

View solution in original post

3 Replies 3

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-03-2025 07:11 AM

The web portal (for client services) will require strong encryption for SSL/TLS to securely negotiate with any modern browser. For that you will need a registered license associated with a Smart License account.

You can get a registered evaluation license - either via your partner or (if you are a partner yourself) directly from Cisco via a Global Virtual Engineering (GVE) request.

Go to solution
Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-06-2025 06:04 AM - edited ‎10-06-2025 07:41 AM

@rezaalikhani please note further that when the Secure Client negotiates the SSL/TLS handshake with a VPN headend, it will propose 22 supported cipher suites (see below). What they all have in common is that they all use AES128 or AES256. If the headend does not have a license from Cisco, it will not support AES of any type and thus the error you cited will appear.

MarvinRhoads_0-1759755839144.png

 

Go to solution
rezaalikhani
VIP
VIP
In response to Marvin Rhoads

‎10-06-2025 07:41 AM

Thanks a lot. Very informative... I appreciate the help.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card