Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
261
Views
0
Helpful
1
Replies

webvpn setup

S891
Level 2
Level 2

‎07-17-2015 02:34 PM

I am looking for a sample config of an ssl webvpn that covers all new SSL /TLS issues/vulnerabilities and works with all browsers. Lately I have seen issues with webvpn with Chrome. If there is a sample config to be hsraed or a link it would be helpful. 

Labels:
0 Helpful
1 Reply 1

Puneesh Chhabra
Cisco Employee
Cisco Employee

‎07-18-2015 04:26 AM

Here's the sample config for webvpn on ASA:

 

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/70475-webvpnasa.html

 

Its difficult to provide a configuration which covers all vulnerabilities, however you can upgrade ASA code to latest (9.3.2.2 or later) which has fix for all vulnerabilities

Also, while using webvpn or anyconnect, do not use sslv3.  Cisco ASA now supports the latest TLS v1.2 which is not vulnerable as of now.

 

You can also keep track of all vulnerabilities on www.securityweek.com and check with Vendors as and when the fix is available.

 

http://www.securityweek.com/freak-vulnerability-exposes-ssltls-security-hole  (Freak is the latest one)

Hope this helps.

 

Regards,

Puneesh

Please rate helpful posts

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents