07-11-2017 04:46 AM
Hello,
We are using Cisco ASA 5525, we also using Anyconnect VPN client to connect users from home or other networks.
I was checking and iIgot that we don't need Anyconnect VPN client software, We can use any open VPN client software and can connect to the network.
I wanted to know that how we can stop these things and is it the bug or something else???
Solved! Go to Solution.
07-11-2017 06:52 AM
Hi Ashutosh,
Are you using any Ikev1 remote access configuration on ASA?
When you say you can connect from open VPN clients are you using SSL or
Regards,
Aditya
07-11-2017 06:52 AM
Hi Ashutosh,
Are you using any Ikev1 remote access configuration on ASA?
When you say you can connect from open VPN clients are you using SSL or
Regards,
Aditya
07-11-2017 08:08 AM
Hey Aditya,
07-11-2017 08:15 AM
Hi Ashutosh,
In that case, you may need to remove/disable that if you are not using it on ASA?
Regards,
Aditya
07-11-2017 08:23 AM
We are using Ikev1 for our client. Is there any other way to do it ???
07-11-2017 08:46 AM
Hi Ashutosh,
As per what I have seen ASA does not support OpenVPN clients, it will not work because OpenVPN uses SSL configuration not similar to Anyconnect.
Can you check which protocol is being used by OpenVPN to connect to ASA?
Regards,
Aditya
07-11-2017 09:11 AM
port number-
1194 UDP
07-11-2017 09:33 AM
In that case, you can disable this port on the outside interface of the ASA.
Anyconnect uses TCP/UDP 443 while IKEv1/Ikev2 used UDP 500/4500 on ASA.
Regards,
Aditya
07-12-2017 01:47 AM
After blocking 1194 Usp port also we able to access.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide