cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1060
Views
0
Helpful
5
Replies

SSL or IPSEC

WonderfulIT
Level 1
Level 1

Hi all,

 

Quick question. If i've setup anyconnect on an ISR4431 using a self signed certificate and a local user database do i use IPSEC on the profile setup or SSL ?  I've read quite a few posts but it's not very clear.

 

Thanks

5 Replies 5

balaji.bandi
Hall of Fame
Hall of Fame

If you looking remote user to get in to your office or soho network using VPN, then SSL is the method to use.

 

follow below guide :

 

https://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/200533-AnyConnect-Configure-Basic-SSLVPN-for-I.html

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Martin Carr
Level 4
Level 4

As said, SSL for remote access, using either X509 or another solution for 2FA.

 

Be aware that by default, Anyconnect will block connections with self-signed certs, you need to disable this option in the preferences and even then you will get a warning upon connecting.

 

Martin

Is this the "block connections to untrusted servers" setting or another one ?

Yes, it is.

Martin

Unless something changed recently, SSLVPN is not supported on the ISR4k. AnyConnect with IPsec is supported.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: