06-12-2020 02:12 AM
We're undertaking a migration from ASAs to FTD 2130 appliances. The current solution uses AnyConnect 4.7 and leverages Trusted Network Detection; the main driver being that users should not have to manually start the AnyConnect client and instead should detect that they're not on a company network and therefore start the VPN.
The notes on AnyConnect 4.7 suggest that TND requires a Dynamic Access Policy, which from what I understand is not supported under FTD yet.
Does anyone have any other way of achieving this?
Thanks.
06-13-2020 05:13 AM
TND should not require DAP but should instead rely on the setting in the VPN core module profile. I'm looking at this guide for that information:
The guide is for NVM (not supported for deployment from FTD) but the TND bit is associated with the VPN profile (without any mention of DAP).
I hope to try this in my lab to verify it.
06-14-2020 02:22 PM
Hi Marvin,
A colleague of mine also suspected this would be the case. We will be testing this for the customer during the course of the coming days so I too will keep you posted.
Thanks, Anish