Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
306
Views
5
Helpful
3
Replies

Anyconnect image upgrade

sv7
Level 3
Level 3

‎09-05-2022 04:10 AM

Hi All,

Need to upgrade the ISE compliance software and anyconnect image running on my FTD manage by Fmc version 7.0+. Need to know would my users impact during upgradation as my anyconnect posturing done by ISE.

Labels:
0 Helpful
3 Replies 3

Rob Ingram
VIP
VIP

‎09-05-2022 04:24 AM

@sv7 you can upload the anyconnect package to either the FTD or ISE. Though ISE might be better as it can also upgrade the compliance module (FTD cannot). The anyconnect packages would automatically be upgraded once the user connects to the VPN at next login.

Or alternatively, you could pre-deploy the package to the users' computers if you had a software management solution such as SCCM.

 

0 Helpful

sv7
Level 3
Level 3
In response to Rob Ingram

‎09-05-2022 06:43 AM

Hello Rob,

Thank you for reply.

Does such activity impact users or require downtime ?.

Also uploading the image via ise also upgrades/replaces the image to FTD also when user connects ?

0 Helpful

Rob Ingram
VIP
VIP
In response to sv7

‎09-05-2022 07:11 AM

@sv7 once the new image is upload to ISE or the FTD, the anyconnect client and modules will be upgrade automatically when users connect to the VPN, this could take a couple of minutes, during which period the user will not be connected to the VPN.

Uploading a newer anyconnect image on ISE is independant to the FTD, which will not know about the newer image on ISE. You will still be able to connect to the FTD VPN with a newer anyconnect image than is uploaded to FTD.

Stick to uploading the AnyConnect image in one place, ISE or FTD.

Customers Also Viewed These Support Documents