I am rolling out the new AnyConnect VPN client to address the latest Security Advisory and I would like to know if there is a way to run a report that tells me which clients have upgraded to the new client and what version the remaining clients are on.
How do you roll out the new version of client?
By uploading the latest client to the ASA and user will download it automatically when they connect? or manually ask them to upgrade?
If you upload the latest client to the ASA makes sure that the latest client is on the first order, eg:
anyconnect image disk0:/anyconnect-win-3.0.08057-k9.pkg 1
--> when user connects they will automatically be upgraded to the latest version. If user does not connect, then they will stay with their current version until they are connected to the VPN.
Unfortunately there is no report to tell which user has upgraded to the latest version.
You can check what the online users run by issueing: show vpn-sessiondb detail full anyconnect
Thanks for the responses. I have uploaded the new client to the ASA for the automatic download/upgrade method. I want to know a couple things:
1. Which/how many clients have upgraded to the new client.
2. Is there is a database that tracks client history? Sessions, VPN client version, etc.
Could you provide more detail on how I would use Accounting to track client AnyConnect version?
1. No, unfortunately it won't tell you which/how many clients have upgrade to the new client. It really depends on whether those users connect to VPN in to the ASA or not, and if they do, they will get upgraded automatically if you have that client on the top of the anyconnect image.
2. Again, this is also no, there is no database to track the client history on the ASA.
You could also use Accounting to keep track of your users.
Sent from Cisco Technical Support Android App
show vpn-sessiondb detail anyconnect | i Client Ver
Only shows the anyconnect client versions.