Solved: Re: Disabling Connection Profile Question

Matthew Martin · ‎11-30-2018

Hello All,

We are going to turn-off our iPsec VPN client and want to "disable" it first, before we completely remove it.

So I was wondering if I could achieve this by just unchecking the option "IPsec Enabled" under each connection profile in:

ASDM > Configuration > Network (Client) Access > IPsec(IKev1) Connection Profiles

Would unchecking that IPsec Enabled option for each profile prevent anyone from logging in with the IPsec client? Or is there a better way to disable it?

Thanks in Advance,

Matt

Marvin Rhoads · ‎11-30-2018

Yes that's the best way. It will prevent the ASA from listening for the incoming IPsec VPN establishment requests.

Of course it won't give your users any notification except for a generic "connection failed" type of error message from the client. So you should communicate the service retirement via other means as well.

View solution in original post

Marvin Rhoads · ‎11-30-2018

Yes that's the best way. It will prevent the ASA from listening for the incoming IPsec VPN establishment requests.

Of course it won't give your users any notification except for a generic "connection failed" type of error message from the client. So you should communicate the service retirement via other means as well.

Matthew Martin · ‎12-03-2018

Hey Marvin, thanks for the reply.

Ok, great. I'll do it that way then, by disabling IPsec for the connection profiles. Thanks for the info, much appreciated!

-Matt