Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2100
Views
0
Helpful
3
Replies

Anyconnect VPN 877

dbooth
Level 1
Level 1

‎10-21-2010 04:08 AM - edited ‎02-21-2020 04:55 PM

It's almost impossible to use Anyconnect VPN on an 877 router because there just isn't enough space on the standard flash card to install the Anyconnect pkg file, and it seems crazy that you have to install the pkg files on the router anywhere when you can download and install Anyconnect standalone clients for Windows and other platforms - is there any way you can setup Anyconnect without having to install the clients on the router?

Labels:
0 Helpful
3 Replies 3

Jennifer Halim
Cisco Employee
Cisco Employee

‎10-21-2010 04:29 AM

No, there is no other way. Unfortunately you would need to install the AnyConnect package on the router as well. This is also the same if ASA firewall is terminating the AnyConnect connection.

0 Helpful

fmpiedrafita
Level 1
Level 1

‎06-15-2012 05:27 AM

Hi there,

I know this thread is quiet old but I has the same situation some days ago. I found a workaround to the problem opening the pkg file (using 7zip) and removing some modules I did not need for my environment (gina, hostscan, etc). Once the pkg was small enough I was able to upload it to the router and install it with the command: webvpn svc install .

Maybe this will not work in all the cases (where all modules are requiered) but it is OK for me since I only need this working to be able to connect remotely to my home network.

Regards

0 Helpful

keiran_harris
Level 1
Level 1
In response to fmpiedrafita

‎05-09-2015 04:22 PM

Hi fmpiedraftia, i have the same issue (home cisco877, just want anyconnect access into it) and tried your workaround (hacking down the .pkg file) but i cant get the SSL page to come up, nor will the anyconnect client on my mac connect (times out). I have a: 

- cisco877, running IOS= C870-ADVSECURITYK9-M, 15.1(1)T4

- flash = 24MB in total, above image is 22MB, leaving only 2MB to install package. 

- v4.0 of anyconnect .pkg = 15MB! 

- see below screenshot for the files i deleted (basically all of the big files under the /binaries/ directory, all else i left untouched). Logic being i dont need to host the anyconnect client on the headend, as i have a local installer, and the other stuff [posture, ise-posture, websecurity, ise-network-assistant, dart] i dont need, i dont think anyway! 

- bit worried about the "vpndownloader.sh" that ive deleted, which is a shell script, but looking at it, a very minimal one, with some sort of binary archive attached (that accounts for the massive size of 1.2MB for a shellscript!). Also "anyconnectprof.sgz" (looking on the web for the .sgz extension) is an encrypted file, clearly i dont know hat the purpose of this is. 

i guess my questions to you are: 

1/ what was the hardware / software breakdown you had? (how much flash? what IOS? what version of anyconnect?)

2/ what files did you remove from the .pkg? perhaps you could email me that .pkg and i could have a look [ keiran_harris (at) yahoo (dot) com ] ?

3/ perhaps the problem is with my anyconnect config? (i followed this guide here http://www.cisco.com/c/en/us/support/docs/routers/3800-series-integrated-services-routers/110608-ssl-ios-00.html) which produced the below config (one question i had here is that its not clear to me if the "gateway ip address" needs to be the inside or the outside public IP... perhaps you could clarify here too). 

Any help greatly appreciated!! thanks, Keiran

0 Helpful
Customers Also Viewed These Support Documents