cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
19009
Views
15
Helpful
30
Comments
Jo Kern
Cisco Employee
Cisco Employee

The Cisco RV340 Series of VPN routers and Cisco AnyConnect Secure Mobility Client

 

anyconnectball.pngApril 2019

The RV340 Series consists of the models: RV340, RV340W, RV345, and RV345P and they support remote access tunnel termination of the best selling and easy to use Cisco AnyConnect Secure Mobility Client.
This document describes the requirements on the client and server side to use SSL Tunnels with Cisco Anyconnect Client.
 
To use Cisco Anyconnect on the client side:

Cisco AnyConnect Secure Mobility Client is available on all major desktop and mobile devices (examples Windows 10, MacOS X, Android, Apple iOS ). It provides:
  • Flawless integration in host OS
  • Easy setup
  • Secure remote access from anywhere to your company
  • Ideal for road warriors
  • Easy user-based license for all devices
  • Leading remote access solution worldwide
To use the Cisco AnyConnect Secure Mobility Client you are required to purchase a Cisco AnyConnect Secure Mobility Client user license.  We recommend (as of March 2019) for use with the RV340 Series:
  • For mobile devices (Android, Apple IOS) you can download mobile apps for free from the respective app stores and try it out.
 
On the server side:

RV340 Series supports SSL VPN connections from a mobile device using the Cisco AnyConnect Secure Mobility Client.
 
Starting firmware release 1.0.3.15 ( released April 2019 ) no extra server license will be required and 50 tunnels on the server (RV340 Series) are enabled by default.
With firmware release 1.0.2.16 and earlier you have 2 SSL tunnels on the RV340 Series by default. To use more than 2 tunnels at the same time you can increase the number of tunnels using a software license:

 

LS-RV-ACS-25-1YR=
 
This is only valid for firmware 1.0.2.16 and earlier. With the free firmware update 1.0.03.15 this license will not be required to support up to 50 tunnels.
Customers who have an active subscription of 25 tunnels will see no service interruption and will have 50 tunnels available by default after the firmware upgrade to firmware 1.0.03.x and higher. Please contact Cisco technical support if you have concerns about the upgrade.
 
The reason for the change is to simplify deployments and align VPN licensing.  SSL VPN will not require extra licensing on the server side anymore.
 
 
Comments
alphaod
Level 1
Level 1

I updated to the new firmware this afternoon. Seems the update went through just fine except I keep getting a message that I need to update still. I checked the firmware is fine and my configuration is okay, I still get the pop-up and triangle alert icon to update. Seems that's a bug?

 

Anyways in case it's unclear I talked to small business support and they've been quite helpful: they told me if you bought any VPN server licenses that haven't expired, you can get a prorated refund now, since the new firmware the router will come with 50 perpetual licenses. You'll still need to buy the client licenses though.

 

And if you want to use Threat/IPS functionality you don't need to buy the appliance. Looks like Cisco RV34x has finally caught up to every other consumer level router that comes with built-in virus scan and intrusion detection, though you'll need the Webfiltering license if you don't have that.

knollknows
Level 1
Level 1

I am also getting the pop up indicating that a new version is available although it therefore fails once it goes through given the version "available" matches my active installed firmware.

 

 

Jo Kern
Cisco Employee
Cisco Employee

Sorry for the delay in posting. It took some time to get make the firmware  visible on all cisco.com instances.

For the "new software" trigger alarm we investigate why we still see the alarm.

Thx

Jo

Jo Kern
Cisco Employee
Cisco Employee

Hi, the "new software available" icon flashing despite latest sw is installed  has not been reproduced. Again, when our web team posts the software it will take some time until all backend web settings are populated. They post the software and at that moment the database field for latest software still points to the old version. Then they need to update that field as well. And then the web servers need to update.  So they could be a time window of an hour or two where all these fields are not 100% in sync.

alphaod
Level 1
Level 1

Here's the error I get. I took this screenshot just 20 minutes ago. I already edited out personal information. I've encircled the error and my current firmware version. I tried to update the firmware again, but it fails saying my firmware is already the latest.

As you can see it doesn't actually say there is an update available every time. This is one of the errors I get. Just to be clear my original firmware upgrade download, definitely did not fail. It downloaded and installed. You can see my firmware is current and I have been running it for almost a week now. It's not a big problem, it's just annoying that I can't disable the flashing triangle.

firmware_error_image_01-050319.jpg

 

EDIT: Today I tried to "update" to the same firmware version again and it seems to have let me "update." This action seems to have cleared the flashing triangle error I've been getting. I didn't need to erase any settings.

Jo Kern
Cisco Employee
Cisco Employee
Thx for the update.
I understand your concern. We are investigating why this shows up for you but not for other installs.
Reg
Jo
clovenguth
Level 1
Level 1

I have now updated 7 or 8 RV345 routers and I'm getting this flag to update after updating firmware either directly from Cisco, or from a downloaded copy. It has happened 100% of the time for me at multiple job sites.

 

Also the bug is back that if you update from a new router out of box to 1.0.03.15 and then add a new VLAN, you cannot check the device management box on VLAN 1 and after hitting apply you lose all access to the router GUI and have to factory reset. Only work around is to first update to an older firmware like 1.0.02.16 before going to 1.0.03.15.

Jo Kern
Cisco Employee
Cisco Employee

Hi, we identified the bug for the new firmware pop up. 

"The GUI issue has no privilege to update the internal file (.../downloadstatus) at backend to disable the alert message at first login."
We will fix that in next release.
 
For the VLAN issue i will have a case being opened.
 
Jo
Jo Kern
Cisco Employee
Cisco Employee

Hi all,

the firmware update issue with VLAN1 and management VLAN has been reproduced.

We checked all update scenarios and it has been reproduced when you migrate from 1.0.01.17 or earlier directly to 1.0.03.15. as @clovenguth rightly mentioned.

Will be addressed in next release.

Best

Jo

Zaronn
Level 1
Level 1

Hi. I also got this "new firmware popup" after updating to 1.0.03.15.

 

But I have another and bigger concern that's not fixed in the latest firmware. The Content Filtering is not working properly at all. If you have an address in the Content Filter you want to block, it will be blocked if you type the address directly in your browser. But if you visit the same site from another point (like google search, link etc) it will NOT be blocked! Thats not good at all. Hope you will fix this soon. Thanks in advance.

So this says a license will not be required to support up to 50 tunnels. However, I can't use any tunnels because I can't down anyconnect client. The software site says I still need a license(s):  AnyConnect 4.7 is available to customers with active AnyConnect Apex, Plus or VPN Only term/contracts.  So I don't get what has changed. I don't need client connection licenses but I need anyconnect licenses. This is very confusing.

alphaod
Level 1
Level 1

For SSLVPN on all Cisco security appliances you need a *server* license. These are sold in batches of 25. To use the AnyConnect client you need a *client* license. These are sold individually but the minimum purchase is 25 seats. On iOS and Android, Cisco can’t really block downloads but their desktop clients require a *client* license to download.

 

So with the latest update, we are no longer required to buy *server* licenses. Yes this mean before this update to use SSLVPN you need not only buy the router, you need SSL certificate, server license, and client licenses. Yes it’s expensive. It’s also how Cisco makes most of them money. The server license for 25 seats costs almost as much of many other routers on the market so it’s quite a saving. 

Jo Kern
Cisco Employee
Cisco Employee

Hi, it might have been confusing.

 

Facts: you never needed any licenses to operate the RV340 with Anyconnect SSL VPN because:

 

a) from the beginning 2 server tunnels were always free, only to upgrade to 25 or 50 you needed a license. Now 50 server tunnels are free.

 

b) the Anyconnect client is free to download for mobile devices ( Android and Apple IOS )  from Google Play Store or Apple Store

 

c) only for Laptops you are required to purchase an Anyconnect Client license to be able to download from cisco.com

 

So there are some restrictions but you can use it for free and when you need more features you can upgrade

 

hope this helps

Jo

 

 

 

cometa_gsm
Level 1
Level 1

hi Jo Kern,

if i buy cisco RV340 and upgrade 10.0.3.16 can i use 50 anyconnect tunnel for free? also interested if supported cisco SPA525G2 IP Phone with RV340 anyconnect VPN?

 

thanks!

Jo Kern
Cisco Employee
Cisco Employee
Hi, the SPA525G2 anyconnect client has not been tested on the RV340. So at the moment I cannot say if it works or not.

For the RV340 with 1.0.3.16 you have 50 anyconnect ssl tunnels included with no extra cost. ( server side )

However you might need licenses on your end devices to use Anyconnect. For Windows for example you are required to purchase Anyconnect User licenses.

Best
Jo
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: