Cisco 5505 Administration Guide - Page 19
Common AnyConnect VPN Client Installation and Configuration Procedures - asa security appliance
UPC - 882658082252
View all Cisco 5505 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 19 highlights
2 C H A P T E R Common AnyConnect VPN Client Installation and Configuration Procedures Installing the AnyConnect Client The installation and configuration consists of two parts: what you have to do on the security appliance and what you have to do on the remote PC. The AnyConnect client software part of the ASA Release 8.0(1) and later and ASDM Release 6.0 and later. You can decide whether to make the AnyConnect client software permanently resident on the remote PC, or whether to have it resident only for the duration of the connection. This chapter contains procedures for installing the AnyConnect client software on the ASA5500 using the Adaptive Security Device Manager (ASDM) or the CLI command interface. It also describes how to install the AnyConnect client on a user's PC and how to enable AnyConnect client features after installation. WebLaunch Mode Without a previously-installed client, remote users enter into their browser the IP address or DNS name of an interface configured to accept clientless SSL VPN connections. Unless the security appliance is configured to redirect http:// requests to https://, users must enter the URL in the form https://. Note A user with a clientless SSL VPN connection can switch to an AnyConnect client SSL VPN connection by clicking the AnyConnect drawer on the portal and following the instructions on that page. After the user enters the URL, the browser connects to that interface and displays the login screen. If the user satisfies the login and authentication, and the security appliance identifies the user as requiring the client, it loads the client that matches the operating system of the remote computer. After loading, the client installs and configures itself, establishes a secure SSL connection and either remains or uninstalls itself (depending on the security appliance configuration) when the connection terminates. Standalone Mode In the case of a previously-installed client, when the user authenticates, the security appliance examines the revision of the client, and upgrades the client as necessary. When the client negotiates an SSL VPN connection with the security appliance, it connects using Transport Layer Security (TLS). The client can also negotiate a simultaneous Datagram Transport Layer Security (DTLS) connection. DTLS avoids latency and bandwidth problems associated with some SSL connections and improves the performance of real-time applications that are sensitive to packet delays. OL-12950-012 Cisco AnyConnect VPN Client Administrator Guide 2-1