09-21-2009 09:15 AM - edited 02-21-2020 04:20 PM
Good day,
We currently have a Cisco ASA 5510 with version 5.2 of ASDM and version 7.2 of the ASA. It is my understanding that to use the Cisco AnyConnect client we would need version 6.0 of the ASDM and version 8.0 of the ASA. If this just a software update? Would there be any downtime for this update or any adverse effects that might be caused to going to the higher version? Also is the AnyConnect a separate package that needs to be purchased or is it just something that is available if we upgrade to the latest versions? How long would an upgrade like that take and what configuration changes would be necessary to allow clients to connect?
Thanks and I appreaciate the help anyone is willing to give.
09-21-2009 11:25 AM
your understanding is correct..yes you need to upgrade asa code to 8.0.x or above for annyconnect support.
it is a software code ugrade for both ASA code and ASDM code accordingly, you will need reboot after upgrading code.
see Determining the Software Version for upgrade process - as per code http://www.cisco.com/en/US/products/ps6120/prod_release_notes_list.html
For the annyconnect client you can obtain it for free via cisco CCO , but you need ssl licenses. So far ASA5500 comes with two FREE SSL licenses for either SSL Webvpn or annyconnect.
If you intend to have more than two concurrent annyconnect sessions you need to buy SSL licenses - see table 2 for SL licenses info per platform.
Regards
09-22-2009 06:33 AM
Thanks so much for the help Jorge!
Do you know of any negative imapct this might have? For example if we have sales guys using the Cisco VPN client now and we do the upgrade for ASDM and ASA could their current VPN client stop working? Basically are there any problems you've experienced due to the upgrade?
Thanks!
09-22-2009 09:25 AM
could their current VPN client stop working? Basically are there any problems you've experienced due to the upgrade?
Hi Jay, not realy - RA VPN should still function after - upgrade is very stright forward and will convert config to that code , as a rule and practice however for any upgrades on devices is to backup your configuration - it is also good idea to look at the code you will be upgrading to for opened CAVEATS -you can look at opened caveats in the release notes link I posted which provides details on opened bugs to sort of give you ideas of issues.. I have been runing latest code 8.2.1 since its release back in May for example with no issues but my environment differs from others.. but you should be good..
here is backup config process
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_tech_note09186a008072142a.shtml
upgrade softwrae image process using asdm
http://www.cisco.com/en/US/products/ps6120/products_configuration_example09186a008067e9f9.shtml
is much easier to do the upgrade through command line... if you need help let us know.
Regards
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide