Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
13933
Views
26
Helpful
7
Replies

Track Anyconnect client version on ASA 5520 version 8.4(2)

cjkaufman@dmgov.org
Level 1
Level 1

‎07-03-2012 02:38 PM

I am rolling out the new AnyConnect VPN client to address the latest Security Advisory and I would like to know if there is a way to run a report that tells me which clients have upgraded to the new client and what version the remaining clients are on.

Thanks,


Chris Kaufman

Labels:
0 Helpful
7 Replies 7

Jennifer Halim
Cisco Employee
Cisco Employee

‎07-03-2012 06:34 PM

How do you roll out the new version of client?

By uploading the latest client to the ASA and user will download it automatically when they connect? or manually ask them to upgrade?

If you upload the latest client to the ASA makes sure that the latest client is on the first order, eg:

anyconnect image disk0:/anyconnect-win-3.0.08057-k9.pkg 1

http://www.cisco.com/en/US/docs/security/asa/asa84/command/reference/a2.html#wp1778056

--> when user connects they will automatically be upgraded to the latest version. If user does not connect, then they will stay with their current version until they are connected to the VPN.

Unfortunately there is no report to tell which user has upgraded to the latest version.

You can check what the online users run by issueing: show vpn-sessiondb detail full anyconnect

cjkaufman@dmgov.org
Level 1
Level 1
In response to Jennifer Halim

‎07-05-2012 07:59 AM

Thanks for the responses.  I have uploaded the new client to the ASA for the automatic download/upgrade method. I want to know a couple things:

1. Which/how many clients have upgraded to the new client.

2. Is there is a database that tracks client history?  Sessions, VPN client version, etc.

Could you provide more detail on how I would use Accounting to track client AnyConnect version?

Thanks,

Chris Kaufman

0 Helpful

Jennifer Halim
Cisco Employee
Cisco Employee
In response to cjkaufman@dmgov.org

‎07-05-2012 08:07 AM

1. No, unfortunately it won't tell you which/how many clients have upgrade to the new client. It really depends on whether those users connect to VPN in to the ASA or not, and if they do, they will get upgraded automatically if you have that client on the top of the anyconnect image.

2. Again, this is also no, there is no database to track the client history on the ASA.

Javier Portuguez
Level 9
Level 9

‎07-03-2012 06:57 PM

You could also use Accounting to keep track of your users.

Sent from Cisco Technical Support Android App

0 Helpful

lanmac30
Level 1
Level 1

‎03-22-2019 12:23 PM

I use:

 

show vpn-sessiondb detail anyconnect | i Client Ver

 

 

Only shows the anyconnect client versions. 

Marvin Rhoads
Hall of Fame
Hall of Fame
In response to lanmac30

‎03-23-2019 03:04 AM

Yes but it won't show you inactive / disconnected clients who haven't upgraded.

0 Helpful

ROCKY CHEUNG
Level 1
Level 1

‎03-15-2022 02:07 PM

Also try this to display active username with their client version......


show vpn-sessiondb detail anyconnect | i Username | Client Ver

Customers Also Viewed These Support Documents