09-05-2022 04:10 AM
Hi All,
Need to upgrade the ISE compliance software and anyconnect image running on my FTD manage by Fmc version 7.0+. Need to know would my users impact during upgradation as my anyconnect posturing done by ISE.
09-05-2022 04:24 AM
@sv7 you can upload the anyconnect package to either the FTD or ISE. Though ISE might be better as it can also upgrade the compliance module (FTD cannot). The anyconnect packages would automatically be upgraded once the user connects to the VPN at next login.
Or alternatively, you could pre-deploy the package to the users' computers if you had a software management solution such as SCCM.
09-05-2022 06:43 AM
Hello Rob,
Thank you for reply.
Does such activity impact users or require downtime ?.
Also uploading the image via ise also upgrades/replaces the image to FTD also when user connects ?
09-05-2022 07:11 AM
@sv7 once the new image is upload to ISE or the FTD, the anyconnect client and modules will be upgrade automatically when users connect to the VPN, this could take a couple of minutes, during which period the user will not be connected to the VPN.
Uploading a newer anyconnect image on ISE is independant to the FTD, which will not know about the newer image on ISE. You will still be able to connect to the FTD VPN with a newer anyconnect image than is uploaded to FTD.
Stick to uploading the AnyConnect image in one place, ISE or FTD.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide