Showing results for 
Search instead for 
Did you mean: 

SA540 - SSL VPN on Windows 8

Dear CISCO Team!

Currently I have the problem that the SA540 SSL VPN will not work when using Windows 8 x64.

Is there a time line to fix this problem? Hope to get this issue solved asap... :-(

Best regards,


Thanks a lot!

Torsten Jahnke
founder and inventor of keweonDNS

As the SA540 is EOL and Cisco stopped active small Business support, I think there won't be an update anymore. Especially as Cisco does not even fix Windows 7 issues. Look at Zyxel or Netgear.


Better idea: you should look at Cisco ISA 550 or ISA 570 which has replaced SA series.
It's great UTM appliance for SMB and it supports SSL VPN which is supported in Windows 8 by Cisco AnyConnect VPN client.


Thats the solution??

I have bougt the SA540 half an year ago. I also bougt SmartNet for this device and if this is real...

I will not longer extend my partnership Status because that was the reason why I changed to CISCO. It was because of the Service.

My SA540 causes troubles from beginning. In November last year CISCO send me the Beta Firmware for this but it still causes troubles. The Webfilter is payed but because of something unknown I can't are the license. And now this funny News?

If it doesn't work buy a new one???

If CISCO like to piss on Smal Business Consumer they should sell this as yellow rain!!!!

Thanks a lot!

Torsten Jahnke
founder and inventor of keweonDNS

I just updated Ronald's post that Cisco has really great solution for SMB UTM segment so you don't have to swtich to other vendor at all - ISA500 is really great product.

As regarding your problem: it seems SSL VPN on Windows 8 is not official supported for SA520 . But there is know issue with Windows 7 - maybe it applies to Windows 8 also - can you check it?

CSCtv22608 On a Windows 7 64-bit computer, an SSL VPN tunnel cannot be established with the Microsoft Visual C++ 2008 Redistributable Package (x64).

Workaround: Download the Microsoft Visual C++ 2005 Redistributable Package (x64) from Microsoft.

If it doesn't solve the issue - open the case at support center:


Well, the C++ package is always an issue. I remember that we had these issues already with the RVL200 many years ago. Even Cisco fixed many SSL bugs and came up with solutions to make SSL VPN work again and again. However, with every upgrade of the firmware, Java or Windows (often just a security patch) made the connection to fail again. As this happened every couple month, we switched the SSL VPN to a competitor and since we had no more connection issues.
So the Cisco solution is just not stable enough for a small business solution..

As for the ISA500, I just ordered a ISA570W and will test it.


So, meanwhile I installed a ISA570. It has some real nice features, like security zones and shows a pretty good performance.

However, the ISA500 is not ready for small businesses yet, so it misses some major functions, some of them were already implemented in the SA540.

For example the security service functions that replaced ProtectLink have no scheduling function. So it is not possible to allow some Web URL filters to apply during business hours and another set during non business hours. I can not understand why Cisco missed to add the scheduling function to the URL filters.

As for the scheduling functions in the firewall to protect zones and ports, it is only possible to set up schedules within a day. So in order to separate business and non business hours, you have to set up at least 4 schedules (00:00 - 08:00, 08:00 - 17:00, 17:00 - 24:00 and weekend 00:00 - 24:00). This means, that ou have to apply each firewall rule to these four schedules, for a small business this gets very complicated.

Well, I hope Cisco will look at small businesses again and update the firmware of the ISA500 to include at least the functions of the SA500 and update the implemented features, so also small businesses can handle it.

So far I just tested the installation, I will look at the UTM security services in the next days and report back.





Contact Cisco SMB support and request a return of the SA. You should get your money back that you could put towards the ISA series and transfer smartnet. A pain but at least you can recoup the money.  The cost of the ISA was almost equal for us.

Content for Community-Ad