cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1842
Views
0
Helpful
4
Replies

What is a more stable VPN solution than IPSEC VPN? What is the latest VPN client recommended for Windows 7 & 8 users?

bleuangel
Level 1
Level 1

Hello,

I would like to ask some details & concerns on our existing VPN setup.

1. What is the recommended Cisco VPN client for Windows 7 & 8 users? Is there an official documentation for that from Cisco? Currently we are using Ciso VPN client 5.0.7.

2. We are currently running IPSEC VPN with only 1 gateway & just local authentication (no ACS) for our customer. Recently we are receiving few concerns that they're VPN connection is dropping off. Whereas if I'm the one connected to the VPN my connection is stable. Is there any point that we need to look up to in the network. Is there a better setup or solution that we could recommend to the customer like SSL VPN?

3. If we are to use SSL VPN with anyconnect secure mobility & we are to implement redundancy on the FW, how will the licensing work?

Thank you!

2 Accepted Solutions

Accepted Solutions

Marvin Rhoads
Hall of Fame
Hall of Fame

An AnyConnect-based VPN is the recommended replacement for IPsec remote access VPN. (source)

AnyConnect can use either IPsec (IKEv2) or SSL for transport.

For a redundant ASA firewalls (running 8.3(1) or later) any necessary AnyConnect licenses are shared between them. i.e., you only need to buy licenses for one member of the HA pair. (source)

View solution in original post

Michael Muenz
Level 5
Level 5

1. Anyconnect is the firstchoice. Last update of vpn client is ages ago.
2. I would go for Anyconnect with SSL. An Essntial license is enough for using Anyconnect and very cheap. Also you dont have the typical nat issues with IPSEC. Big plus is also central version Management, where you can roll out new versions. Theres much more, just have a look at the QnA section.
3. Already answered.


Sent from Cisco Technical Support Android App

Michael Please rate all helpful posts

View solution in original post

4 Replies 4

Marvin Rhoads
Hall of Fame
Hall of Fame

An AnyConnect-based VPN is the recommended replacement for IPsec remote access VPN. (source)

AnyConnect can use either IPsec (IKEv2) or SSL for transport.

For a redundant ASA firewalls (running 8.3(1) or later) any necessary AnyConnect licenses are shared between them. i.e., you only need to buy licenses for one member of the HA pair. (source)

Thanks much Marvin.

Do you have any source document that previously Cisco VPN client 5.0.7 is the recommended VPN Client to be used?

Can we right away migrate to use Any Connect to replace our VPN client 5.0.7?

Well the old VPN Client was the ONLY IPsec remote access VPN client that Cisco offered. So they wouldn't need to say "we recommend this one vs. that one" would they?

Any migration needs to take into account new features and potential issues with the new client software. So you would need to confirm your VPN head end type, version, licensing, etc. Decide whether you want to use IKEv2 or sSL transport. Decide how you want to deploy the client software. Decide whether you want to make any changes to the features deployed given the expanded range of capabilities offered by AnyConnect, etc.

Hope this helps. Please rate helpful posts.

Michael Muenz
Level 5
Level 5

1. Anyconnect is the firstchoice. Last update of vpn client is ages ago.
2. I would go for Anyconnect with SSL. An Essntial license is enough for using Anyconnect and very cheap. Also you dont have the typical nat issues with IPSEC. Big plus is also central version Management, where you can roll out new versions. Theres much more, just have a look at the QnA section.
3. Already answered.


Sent from Cisco Technical Support Android App

Michael Please rate all helpful posts