Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3105
Views
0
Helpful
11
Replies

FTD Remote Access VPNs with Windows 10 Native vpn Client

Chts
Level 1
Level 1

‎02-13-2018 07:43 AM - edited ‎03-12-2019 05:01 AM

Hello,

I have been asked to deply Firepower Threat Defense Remote Access VPNs with Windows 10 native VPN client. Is this solution supports on FTD with latest  code and Windows 10 native VPN client?

VPN Gateway : FTD  with latest code

Client will initiate VPN connection from Windows 10 native VPN client.

Note: No vpn client will be deployed from VPN Gateway .

 

 

 

 

 

 

Labels:
0 Helpful
11 Replies 11

Rob Ingram
VIP
VIP

‎02-13-2018 11:21 AM

Hi,

 

No, only AnyConnect VPN client is supported. From the FTD 6.2.2 Configuration Guide:

 

"Firepower Threat Defense provides secure gateway capabilities that support remote access SSL and IPsec IKEv2 VPNs. The full tunnel client, AnyConnect Secure Mobility Client, provides secure SSL and IKEv2 IPsec connections to the security gateway for remote users. It is the only client supported on endpoint devices for remote VPN connectivity to Firepower Threat Defense devices."

 

HTH

 

0 Helpful

Chts
Level 1
Level 1
In response to Rob Ingram

‎02-14-2018 02:00 AM

Thanks for the quick reply RJI.
Does FTD 4150 running with standard ASA license supports windows 10 native vpn client?
0 Helpful

Rob Ingram
VIP
VIP
In response to Chts

‎02-14-2018 02:06 AM

You mean run the ASA code on the 4150 instead of FTD? Seems like it is possible to use the Windows native client:

 

https://www.cisco.com/c/en/us/support/docs/security-vpn/webvpn-ssl-vpn/119208-config-asa-00.html

0 Helpful

Chts
Level 1
Level 1
In response to Rob Ingram

‎02-14-2018 02:33 AM

Yes, FTD 4150 running ASA code ( probably 9.x) instead of FTD unified image.
Our requirement is SSL VPN with windows 10 native VPN client and Gateway as FTD 4150 with standard ASA license and code would be 9.x and we need to do split tunnelling as well.
0 Helpful

Rob Ingram
VIP
VIP
In response to Chts

‎02-14-2018 02:44 AM

An SSL-VPN using the Windows native client does not seem to be possible in Windows 10. Checking the configuration on Windows 10 it looks like there are only options for: PPTP, L2TP, SSTP and IKEv2. Any reason why you cannot use IKEv2 which the ASA can do with the native client?

0 Helpful

Chts
Level 1
Level 1
In response to Rob Ingram

‎02-14-2018 03:07 AM

Thanks RJI,
I didn't get this question : why you cannot use IKEv2 which the ASA can do with the native client? you mean remote access VPN with IKEv2?
0 Helpful

Rob Ingram
VIP
VIP
In response to Chts

‎02-14-2018 03:14 AM

You can use IKEv2 Remote Access VPN on the ASA, I was asking why you wanted to use SSL-VPN and not IKEv2.

0 Helpful

Chts
Level 1
Level 1
In response to Rob Ingram

‎02-14-2018 03:19 AM

Thanks for the suggestion, I will check this.
Could you share a configuration guide of IKEv2 Remote Access VPN on the ASA 9.x, please?
0 Helpful

Chts
Level 1
Level 1
In response to Rob Ingram

‎02-14-2018 03:35 AM

Thank RJI.
Got this thread, seems like its not working properly but supports win 10 native client
https://supportforums.cisco.com/t5/vpn/asa-ikev2-remote-access/td-p/2981436

0 Helpful

Chts
Level 1
Level 1
In response to Chts

‎02-14-2018 04:09 AM

Hi RJI, Windows 10 native client does supports SSTP using port 443?
0 Helpful
Customers Also Viewed These Support Documents