12-14-2010 02:34 AM - edited 02-21-2020 05:01 PM
Hello,
I want to move away from getting users to use the Cisco VPN client and use something like Anyconnect (or SSL). I wondered if someone can answer these questions regarding Anyconnect? We are using an ASa 5520.
1.) What license pack would I need on my ASA 5520?
2.) Is Anyconnect the java based client which can be un-installed automatically after disconnecting?
3.) With the Cisco VPN client I use many profiles for different departments, how can I make sure I keep this using Anyconnect? For example if you are in Sales and you login using your Active Directory username and password you get eh correct pool range? I use these pool ranges to control access via access lists.
Thanks
12-14-2010 07:02 AM
Hi Andy,
1) There are different licenses depending if you want AnyConnect or clientless SSL and/or advanced features like Secure Desktop.
2) Yes
3) You can still use different profiles if using Radius or LDAP.
You can check this link for more complete information:
http://www.cisco.com/en/US/prod/collateral/vpndevc/ps6032/ps6094/ps6120/product_data_sheet0900aecd80402e3f.html
Federico.
12-14-2010 07:10 AM
Thanks,
What is your preferred method to give the user and admin guy the most flexibility?
Cheers
12-14-2010 07:21 AM
For flexibility you can have the ASA accept both clientless and AnyConnect SSL connections.
The AnyConnect can be injected via the SSL connection and automatically deleted when finished, however the AnyConnect requires
admin rights on the PC for installation (it can be kept in the PC installed).
For users not requiring full network access, the clientless is a better option to provide a web portal for TCP applications.
For users that require a full network feel like the Cisco IPsec client, the AnyConnect is the way to go.
For clientless you can enable Port Forwarding and Smart Tunnels to increase functionality.
You can also have Secure Desktop and DAP for increase security.
There's a license for mobile clients as well.
Federico.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide