10-11-2013 04:25 AM - edited 02-21-2020 07:13 PM
Hi,
I need to connect to my enterprise VPN from a tablet running Windows 8.
Until now we have been using VPN clients 5.0.05.0290 on Windows XP and 7 workstations to make VPN connections and everything works well. As the tablet uses Windows 8 I installed the Cisco AnyConnect Client 3.1.04066 but when I open it and type the public IP of the ASA I can't connect to it
I have been reading about it but I'm not sure if I need to change the ASA configuration to allow access from clients using AnyConnect or the present configuration which works perfect with clients using VPN 5.X is enough for the AnyConnect to work.
Do I need a new license to use AnyConnect clients?
Is it possible to have both clients using VPN 5.X and Anyconnect connecting to the ASA?
I add here the output of sh ver in the ASA firewall. Find also enclosed some screenshots of the ASDM.
In screenshot1 I tried enabling the Enable Cisco Anyconnect... in interface outside but the VPN didn't work so I left it as it was in my original configuration (that is how it is in screenshot1)
Thanks in advanced.
show ver
Cisco Adaptive Security Appliance Software Version 8.0(2)
Device Manager Version 6.0(2)
Compiled on Fri 15-Jun-07 19:29 by builders
System image file is "disk0:/asa802-k8.bin"
Config file at boot was "startup-config"
H-4506 up 78 days 19 hours
failover cluster up 78 days 20 hours
Hardware: ASA5520, 512 MB RAM, CPU Pentium 4 Celeron 2000 MHz
Internal ATA Compact Flash, 256MB
BIOS Flash M50FW080 @ 0xffe00000, 1024KB
Encryption hardware device : Cisco ASA-55x0 on-board accelerator (revision 0x0)
Boot microcode : CN1000-MC-BOOT-2.00
SSL/IKE microcode: CNLite-MC-SSLm-PLUS-2.01
IPSec microcode : CNlite-MC-IPSECm-MAIN-2.04
0: Ext: GigabitEthernet0/0 : address is 001d.4524.c420, irq 9
1: Ext: GigabitEthernet0/1 : address is 001d.4524.c421, irq 9
2: Ext: GigabitEthernet0/2 : address is 001d.4524.c422, irq 9
3: Ext: GigabitEthernet0/3 : address is 001d.4524.c423, irq 9
4: Ext: Management0/0 : address is 001d.4524.c41f, irq 11
5: Int: Not used : irq 11
6: Int: Not used : irq 5
Licensed features for this platform:
Maximum Physical Interfaces : Unlimited
Maximum VLANs : 150
Inside Hosts : Unlimited
Failover : Active/Active
VPN-DES : Enabled
VPN-3DES-AES : Enabled
Security Contexts : 2
GTP/GPRS : Disabled
VPN Peers : 750
WebVPN Peers : 2
Advanced Endpoint Assessment : Disabled
This platform has an ASA 5520 VPN Plus license.
Serial Number: JMX1151L2JN
Running Activation Key: 0x2b18475c 0x9cd6f626 0xe4f33978 0x8a3c7874 0x470bbfa8
Configuration register is 0x1
Configuration last modified by enable_15 at 10:40:46.933 CEDT Fri Oct 11 2013
10-11-2013 07:31 AM
Mobile remote access VPN clients (iOS, Android etc.) require the Anyconnect for Mobile license. In your case, the part number would be L-ASA-AC-M-5520=.
However, please be advised the Anyconnect for Mobile has a prerequisite of ASA software at least 8.0(3). you 8.0(2) will not support that license. If you have smartnet support, I would advise upgrading to at least 8.2(5). That the latest release that doesn't require a memory upgrade or change the syntax (NAT etc.).
10-14-2013 02:06 AM
Thanks a lot for your help.
I only have one Windows 8 device with AnyConnect. I don't have IOS or Android devices. Is Anyconnect Mobile the only license I need? Do I also need Anyconnect Essentials?
I read in http://www.cisco.com/en/US/partner/docs/security/asa/asa82/license/license82.html#wp197165 that:
By default, the security appliance includes an AnyConnect Premium license for 2 sessions. This would be enough for me as I only need access for one Windows 8 tablet.
Is this license available in my case? I can't see it in the show ver command.
Thanks.
10-14-2013 07:43 AM
You won't see it on your 8.0(2) system because they have changed the packaging to introduce the licensing you are asking about later on.
Once you get your system onto 8.2 you will see the default two AnyConnect Premium licenses. The only way it would not be available would be if you were to install and activate AnyConnect Essentials licenses (because you must choose from either Essentials or Premium).
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide