
VPN Client for Android

stefan.morlin
Level 1

Hi!

We have got a couple of mobile phones with Android OS at our company.

We need a proper IPsec VPN client for these Android phones, but cannot find any.

There are some IPsec VPN clients on the market, but to use these you have to root the phone.

We have an ASA 5520 that works great with the Cisco AnyConnect client on Windows PCs.

Will Cisco release a VPN client, like AnyConnect, that is compatible with Android?

Best Regards

Stefan

71 Replies

Nice to see it is working for more people.

I forgot to comment that the same config also works with HTC Desire HD.

I guess this is OK news, but what about all the other non-Samsung Android devices? Still seems like a half-baked solution. I don't mean to be rude, but Cisco has been dragging their feet on this for over a year. Regardless of whether the problem lies with Cisco or with Android-splintering, as some would suggest, the fact remains that this is a key piece of missing software on the Android platform.

It makes Cisco look bad because end-users say "Well, Apple can do it."  CEO/CIOs don't really care about the details when you tell them their device doesn't work.

Just a comment.

dannon

Google knows that Android is not mature enough for the corporate market, so the latest releases of Android are putting a bit more focus on that (as far as I know). One of the consequences of that would be the release from Cisco including support for Gingerbread.

On the other hand, pushing a company (Juniper, Nortel, Cisco...) to develop a VPN client, which requires low-level changes and for sure administrative/root permissions, is not something easy without compromising the whole Android firmware image.

Not the latest update but... look:

http://static.intomobile.com/wp-content/uploads/2010/09/android-gains-corporate-market1.jpg

I don't know in full detail how privileges work under Android, but so far, on the HTC Desire Z, 'su' is not working, 'sudo' is not working... PAM? I didn't research it.

Nowadays the only solution you could have for previous releases is to root the device and, after that, install software or a new image with maybe other features.

Anyway, the situation looks better; the step from Cisco is positive.

L2TP configuration should be fine if you can deploy it. I have the L2TP config here deployed on all HTCs with Android, and the IP address plan as well as the user profiles are fully transparent to the user. I mean, quite smooth: same usernames for the IPsec VPNs as well as the L2TP, same IPs (meaning no changes per IP/user in the firewall), automatic next-hop routing with RIP... pretty, pretty smooth.

Maybe a commercial idea would be to do VPN gateways for this issue and sell services, but I think I was checking that and it is being sold right now over the net. And also, who would like to terminate the VPN in a third-party box? Not me.

PS: I would like a pure Cisco VPN client and support for Novell GroupWise but... c'est la vie.

Cisco would like to be able to offer AnyConnect for ALL Android platforms, as it would have been roughly the same amount of engineering work for us as supporting our first partner. Unfortunately this is not possible, as stock Android (both Gingerbread and Honeycomb) does not allow for 3rd party VPN clients.

If you would like to put in a kind word for this request, you may do so at:

http://code.google.com/p/android/issues/detail?id=9160

paultribe
Level 1

Here are extracts from ASA 8.4(2) release notes that mention Androids if it helps, see: http://www.cisco.com/en/US/docs/security/asa/asa84/release/notes/asarn84.html:

New features in 8.4(2)

AnyConnect Identification Extensions for Mobile Device Detection

You can now configure the ASA to permit or deny VPN connections from endpoints with an AnyConnect Essentials license on a per-dynamic access policy (DAP) basis. The following mobile platforms support this capability: AnyConnect for iPhone/iPad/iPod versions 2.5.x and AnyConnect for Android versions 2.4.x. It is not required to enable CSD to configure these specific attributes via ASDM.

The feature is also present in Version 8.2(5).

L2TP/IPsec support for Android

We now support VPN connections between Android mobile devices and ASA 5500 series devices, when using the L2TP/IPsec protocol and the native Android VPN client. Mobile devices must be using the Android 2.1 or later operating system.

We did not modify any commands.

Also available in Version 8.2(5).

This feature is also in 8.4(1).

SHA2 certificate signature support for Microsoft Windows 7 and Android-native VPN clients

ASA supports SHA2 certificate signature support for Microsoft Windows 7 and Android-native VPN clients when using the L2TP/IPsec protocol.

We did not modify any commands.

Also available in Version 8.2(5).

New features in 8.4(1)

L2TP/IPsec Support on Android Platforms

We now support VPN connections between Android mobile devices and ASA 5500 series devices, when using the L2TP/IPsec protocol and the native Android VPN client.

Requirements:

Mobile devices must be using the Android 2.1, or later, operating system.

The ASA must be running the ASA Release 8.4(1) or later.

Cisco has released AnyConnect for Samsung Android. It is supported on various Samsung platforms (described in the Application Description) and can be obtained from the Android Market at:

https://market.android.com/details?id=com.cisco.anyconnect.vpn.android

I tried the AnyConnect app on a Samsung Galaxy Tab 7. Prior to this weekend the tab was running the older version of Android (2.2) and wouldn't run it. They released 2.4 over the weekend (at least that's when my tablet got it) and I installed it. The app runs now and attempts to log in, but gives an error that it's missing the "TunTap driver."

Is this something Cisco will correct, or does something else need to be installed? According to the application description, AnyConnect will work on this device with Android 2.3 or later.

Hi Andrew,

We have raised this to the attention of Samsung. Unfortunately Cisco does not have permissions on the system to run tuntap (tun.ko), as it must be launched with special permissions by the OS itself. Once we hear back from them to determine if this will get corrected and, if so, when, we will let you know. (I assume this is the Tab 7 on Sprint you are experiencing this on.)

Best Regards,

Pete Davis

dexter_1975
Level 1

Hi,

I have downloaded AnyConnect for rooted devices from the Market. I have tried to use it but got some issues. If I try to connect, it comes up with the following message: ‘Please verify server certificate’. If I touch the details button, then I see all the details about the VPN I try to connect to (VPN 3000 Concentrator). If I touch the accept button, then I get the following error message: error processing data received from secure gateway.

I am sure the issue is with me, as I do not know where I need to load the profile *.pcf files that we use on laptops.

Can anyone help with what I would need to do to get this to work?

Thanks

Balázs Banics

Hi Balazs,

The VPN3000 concentrator certificate (that it presents to the client) is not trusted, so you probably need to add it to the trusted certificate store on the Android. The second issue is that, although the VPN3000 supports SSL VPN, it does not support AnyConnect for Android. Check out the AnyConnect for Android release notes for the details on the supported platforms at this link:

http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect24/release/notes/rn-ac2.4-android.html

Regards, Marko

Dear Marko,

Many thanks for your prompt reply, but how can I transfer / add the pcf file to the Android trusted certificate store?

Best regards,

Balázs

The VPN 3000 is an EoL'ed product family. It does not support AnyConnect on any operating system. You would want to upgrade to the ASA to leverage AnyConnect.

If you would like to put in a good word for Google providing the necessary hooks for Cisco AnyConnect support, please feel free to direct your comments to:

    http://code.google.com/p/android/issues/detail?id=9160

    http://code.google.com/p/android/issues/detail?id=3902

Ensure that you 'star' (or 'up-vote') the topic so that the issues are more prominent on the bug rankings. Only adding comments will not increase the visibility of the issue.

Apple's client is designed to be compatible with the Cisco Easy VPN (like the Cisco VPN Client), while Android provides a generic L2TP/IPsec client only.

Is Cisco AnyConnect considered as an L2TP/IPSec VPN client?