Is AnyConnect 4.9 supported on an ASA-5516x? The release notes state:
DTLSv1.2 is supported on all ASA models except the 5506-X, 5508-X, and 5516-X and applies when the ASA is acting as a server only, not a client. DTLS 1.2 supports additional ciphers, as well as all current TLS/DTLS ciphers and a larger cookie size.
Does AnyConnect 4.9 require DTLS 1.2? My main concern is the CVEs that have been published; if these are not fixed in 4.8, will this require an ASA hardware upgrade?
Hi @Rob Ingram
Ok, thanks. It will not allow me to connect to the ASA with 4.9 but I assume this is due to the proper DF groups not being enabled?
@Rob Ingram. Sorry, I meant DH groups; that was a typo. That was the issue. Once I enabled the supported DH groups, it connected. I was a bit confused by the article above stating that DTLS 1.2 was required. I guess that is for additional features, or, as @balaji.bandi mentioned, this is for business compliance requirements.