I have a number of Cisco 5505 ASA's running various levels of software and I am looking at upgrading the users to use the anyconnect software due to the the older cisco vpn client not working correctly on the newer versions of windows.
My question really is what work is involved in setting up anyconnect when a remote vpn is already configured. Can you have both setup or is it one or the other.
You can have both setups working at the same time you can even use the same group policies and tunnel groups that you currently use with the cisco VPN client assigning a group alias to it.
What is different of Anyconnect is that the Anyconnect require you to enable the ssl-client protocol in the group policy you also need to upload the Anyconnect image to the ASA and apply it in the global webvpn settings also enable anyconnect to the outside interface and some other configuration will be enabled but in brief this is what you need to enable Anyconnect.
In ASDM there is a wizard that you can follow to configure anyconnect and will guide you through the process of configuration, you can follow this documentation:
Regards, please rate.
You have to have an image on the ASA to configure an AnyConnect SSL VPN - whether or not you deploy from there. It doesn't need to be the same version that your clients are running.
Unless you deleted it, all ASAs shipped in the last several years include an old AnyConnect 2.5 already on disk0: in the factory build.
i have faced same issue regarding the Windows 10 is not working with Cisco VPN client but i have solved the issue using the following link
also if you don't have problem with anyconnect license then it would be better to use of course
you can configure the Cisco anyconnect profiles simply via ASDM anyconnect wizard
but you need to download the latest anyconnect image and upload it to your firewall then after that any user will need to download the anyconnect client should login to your firewall via SSL page then enter his account information and download the anyconnect client from the firewall and install it on his machine.
also please check the link for anyconnect configuration it should be easy for you :
Many thanks for the replies, I have played around with the old version working with win10 and have had it working but it's a pain in the backside. We do have the license so as you say it makes sense.
I will have a play around with the config and post my findings.
From past few days nobody in our organization is able to connect Cisco AnyConnect Secure Client asa firewall ASA5510 . 17 connection working if more than 17 connection another people trying to connect get this popup error :- "Could not connect to server . Please verify Internet connectivity and server address" .
even we have 250 license, How ever Internet is working and all L2L ipsec tunnels are also up
any Idea for this?
It is interesting that up to 17 users works ok and if more than 17 attempt to connect then they get error message and connection fails. The obvious first question is whether it used to work with more than 17 concurrent users? Another question would be what is the size of the address pool used for AnyConnect?
When someone attempts to connect and fails is there any log message generated on the ASA? I wonder if it would help if you were to reboot your ASA?