01-22-2021 07:39 AM
Hi All,
According to the article below,
https://support.umbrella.com/hc/en-us/articles/360033350851-End-of-Life-for-TLS-1-0-1-1-
Except for AnyConnect, the Umbrella Roaming Client, and the AD Connector, Umbrella ended support for TLS 1.0/1.1 in March 2020. However because of backend dependencies, some additional services for dashboard and APIs unofficially continued to support TLS 1.0/1.1 -- On January 27th, these additional services will stop accepting TLS 1.0/1.1 connections. If you have trouble accessing the dashboard or APIs, please check your device for TLS 1.2 support.
If we are using the Cisco Anyconnect VPN client 4.6.03049, and if we do not upgrade to the latest version, would the VPN clients stop connecting at all?
Solved! Go to Solution.
01-22-2021 07:49 AM
The minimum version for Cisco AnyConnect with Umbrella roaming module: Version 4.8.02042+ (link) OR if using older client version, configure TLS 1.2 use with changes to the Windows Registry with these steps. So if you haven't applied those registry settings then you'll need to upgrade the client, otherwise umbrella functionality won't work.
I see no reason why the VPN to the ASA/FTD should not work. Regardless you should upgrade to a newer version of AnyConnect, as you get better performance and it's more secure.
You can force the clients to upgrade anyconnect by either enabling updates in the umbrella dashboard or uploading a newer version to the ASA/FTD. The clients will auto upgrade, no need for admin rights.
HTH
01-22-2021 07:49 AM
The minimum version for Cisco AnyConnect with Umbrella roaming module: Version 4.8.02042+ (link) OR if using older client version, configure TLS 1.2 use with changes to the Windows Registry with these steps. So if you haven't applied those registry settings then you'll need to upgrade the client, otherwise umbrella functionality won't work.
I see no reason why the VPN to the ASA/FTD should not work. Regardless you should upgrade to a newer version of AnyConnect, as you get better performance and it's more secure.
You can force the clients to upgrade anyconnect by either enabling updates in the umbrella dashboard or uploading a newer version to the ASA/FTD. The clients will auto upgrade, no need for admin rights.
HTH
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide