cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
680
Views
0
Helpful
7
Replies
Highlighted
Beginner

Cisco Anyconnect

Hi all,

I have a number of Cisco 5505 ASA's running various levels of software and I am looking at upgrading the users to use the anyconnect software due to the the older cisco vpn client not working correctly on the newer versions of windows.

My question really is what work is involved in setting up anyconnect when a remote vpn is already configured. Can you have both setup or is it one or  the other.

Many thanks

7 REPLIES 7
Beginner

Hello,

Hello,

You can have both setups working at the same time you can even use the same group policies and tunnel groups that you currently use with the cisco VPN client assigning a group alias to it.

What is different of Anyconnect is that the Anyconnect require you to enable the ssl-client protocol in the group policy you also need to upload the Anyconnect image to the ASA and apply it in the global webvpn settings also enable anyconnect to the outside interface and some other configuration will be enabled but in brief this is what you need to enable Anyconnect.

In ASDM there is a wizard that you can follow to configure anyconnect and will guide you through the process of configuration, you can follow this documentation:

http://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/119006-configure-anyconnect-00.html

Regards, please rate.

Highlighted
Enthusiast

Hi Diego,

Hi Diego,

If I pre-install Anyconnect client in all the client PC, do I have load Anyconnect image in ASA ?


CF

Highlighted
Hall of Fame Guru

You have to have an image on

You have to have an image on the ASA to configure an AnyConnect SSL VPN - whether or not you deploy from there. It doesn't need to be the same version that your clients are running.

Unless you deleted it, all ASAs shipped in the last several years include an old AnyConnect 2.5 already on disk0: in the factory build.

Highlighted
Enthusiast

Hi Simon,

Hi Simon,

i have faced same issue regarding the Windows 10 is not working with Cisco VPN client but i have solved the issue using the following link

 

http://www.gleescape.com/posts/2917

 

https://www.youtube.com/watch?v=O1BiIRK6tOY          

also if you don't have problem with anyconnect license then it would be better to use of course

you can configure the Cisco anyconnect profiles simply via ASDM anyconnect wizard

but you need to download the latest anyconnect image and upload it to your firewall then after that any user will need to download the anyconnect client should login to your firewall via SSL page then enter his account information and download the anyconnect client from the firewall and install it on his machine.

also please check the link for anyconnect configuration it should be easy for you :

http://www.cisco.com/c/en/us/td/docs/security/asa/asa80/configuration/guide/conf_gd/svc.html#wp1040195 

HTH

Samer.

regards,

Highlighted
Beginner

Hi Both,

Hi Both,

Many thanks for the replies, I have played around with the old version working with win10 and have had it working but it's a pain in the backside. We do have the license so as you say it makes sense.

I will have a play around with the config and post my findings.

Thanks!

Highlighted
Beginner

Re: Hi Both,

From past few days nobody in our organization is able to connect Cisco AnyConnect Secure Client  asa firewall  ASA5510 . 17 connection working if more than 17 connection  another people  trying to connect get this popup error :- "Could not connect to server . Please verify Internet connectivity and server address" .

even we have 250 license, How ever Internet is working and all L2L ipsec tunnels are also up

 

any Idea for this?

 

 

Highlighted
Hall of Fame Master

Re: Hi Both,

It is interesting that up to 17 users works ok and if more than 17 attempt to connect then they get error message and connection fails. The obvious first question is whether it used to work with more than 17 concurrent users? Another question would be what is the size of the address pool used for AnyConnect?

 

When someone attempts to connect and fails is there any log message generated on the ASA? I wonder if it would help if you were to reboot your ASA?

 

HTH

 

Rick

HTH

Rick