Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3960
Views
3
Helpful
8
Replies

clientless SSL VPN Support on Cisco FTD

sina.naser
Level 1
Level 1

‎08-13-2022 02:45 AM

Hi Everyone,

Does Cisco FTD Products (2100 series) support clientless SSL VPN Portal without anyconnect agent on clients?

Tnx in advance

0 Helpful
8 Replies 8

Rob Ingram
VIP
VIP

‎08-13-2022 03:34 AM

@sina.naserclientless VPN is not supported on any hardware if you are running the FTD software image, it is only supported on the ASA image. So if you are running the ASA image on your FPR2100 clientless VPN it will work.

Bear in mind though, clientless VPN is depreciated from ASA version 9.17.

Marvin Rhoads
Hall of Fame
Hall of Fame

‎08-14-2022 04:49 AM - edited ‎08-14-2022 04:49 AM

Elaborating on @Rob Ingram's reply, clientless will never be supported on FTD.

Jimmywick
Level 1
Level 1

‎08-16-2022 11:40 PM

No clientless SSL VPN is supported on any type of FTD deployment because it's been deprecated and removed from most code updates.

 

0 Helpful

njk1985
Level 1
Level 1

‎09-06-2022 02:04 AM

 @Marvin Rhoads I want to know , Is there any plan Cisco release client less VPN ? because all other competitor has it , as well as customers are asking client less VPN

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to njk1985

‎09-06-2022 07:53 AM

No plans for FTD. In fact, clientless is actively being deprecated even on ASA software.

Cisco will steer users to other products like the higher end Umbrella subscriptions with things like Remote Browser Isolation (RBI).

0 Helpful

njk1985
Level 1
Level 1

‎09-06-2022 11:09 PM

Thanks, Marvin, for the information 

0 Helpful

Zalbarqawi
Level 1
Level 1

‎08-22-2023 08:07 PM - edited ‎08-22-2023 08:10 PM

by the way also for ASA firewall higher versions from 9.17 and higher cisco has removed the sslclient-less vpn feature, am not sure why however its using TLS and its still secured, i was using it with ssh and vnc plugins but unfortunatly they removed it from the newer versions.

Referances:

https://www.cisco.com/c/en/us/td/docs/security/asa/asa917/release/notes/asarn917.html

https://www.cisco.com/c/en/us/td/docs/security/asa/compatibility/asa-vpn-compatibility.html#:~:text=With%20Secure%20Firewall%20ASA%20version,work%20with%20clientless%20SSL%20VPN.

 

so the only way to use remote access vpn is to replace it with ssl-client anyconnect secure client.

Capture.PNG

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to Zalbarqawi

‎08-22-2023 11:00 PM

@Zalbarqawi you can also use remote access VPN with IPsec IKEv2 terminated with Cisco Secure Client / AnyConnect. In fact, that's the current US National Security Agency (NSA) recommendation (vs. SSL VPN even if using the latest TLS 1.3).

Cisco is discontinuing ASA clientless because the current implementations they were using (Java, plug-ins) has too many limitations and incompatibilities.

Customers Also Viewed These Support Documents