 cramer join:2007-04-10 Raleigh, NC kudos:7 | reply to Anav
Re: [HELP] Lost in Jungle of VPN Choices.....
vpnclient is the full-blown Cisco IPSec client (there are "better" clones of it out there.) anyconnect is the SSL VPN client -- you load it on the asa and it will feed it to the client via https. Each is more-or-less independently configured. (crypto map vs. webvpn)
I use both. The VPN Client is best when you have a fairly static network (home to office, where things rarely change) where the connection is up over a long period. SSL VPN is best in "hostile" networks common to traveling laptops. (however, the base license only supports 2 concurrent sslvpn connections.)

 Anav Sarcastic Llama? Naw, Just Acerbic Premium join:2001-07-16 Dartmouth, NS kudos:3 1 edit
No worries cramer, I only need one ssl vpn setup. So the anyconnect SSL seems viable, as it pushed it to the client the first time. (easier than a generic ssl vpn client or at least more secure). Just need to confirm it's the anyconnect-win-2.5.3055-k9.pkg file looking for size 4694KB, and under properties, 4.58MB (4,805,906 bytes). I also have the mac one...... macosx-i386-2.5.3055-k9.pkg file size 6154KB

Hi Anav, quick answer to your questions:
1). If you already have the windows/mac packages, just add them to your config under webvpn:

    webvpn
     anyconnect image disk0:/anyconnect-win-2.5.3055-k9.pkg 1 regex "Windows NT"
     anyconnect image disk0:/macosx-i386-2.5.3055-k9.pkg 2 regex "Intel Mac OS X"

You can also get any of the packages off of CCO. Once a user logs into webvpn, there will be an option for Anyconnect and it will install the appropriate package based on the OS of the client. There are also iOS clients and I think Android. They require another license though, called "Anyconnect Mobile". The 2 default Anyconnect licenses will work for Windows and OS X (and linux) clients.
2). It is absolutely possible to SSH/HTTPS to your firewall over VPN. Add this:

    management-access INSIDE

and:

    ssh x.x.x.x y.y.y.y INSIDE
    http x.x.x.x y.y.y.y INSIDE

where x.x.x.x is the network you are coming from and y.y.y.y is the subnet mask.
Config is the same for any 8.x (I haven't changed this since 8.0.5 and I am running 8.4.3 now).
HTH