SSL VPN on Cisco UC520?

Posted on 2009-05-01
Last Modified: 2012-05-06
We have a Cisco UC520 and need to setup an ssl vpn for our remote users to connect back to our LAN. The users are mobile users who use laptops, so site-to-site will not work for us. Is this possible and, if so, how do we configure this?
Question by:leatherleaf
    LVL 14

    Accepted Solution

    Let's start here.  The UC520 is for VOIP.  It is not a firewall, and as such is not intended to act as a VPN gateway.

    That said, your question "is it possible".  In theory it is possible if you can obtain the necessary secure IOS software package and load onto the router.  This will open up the command set you need to configure VPN tunnels.  Would I try?  Not in a million years (you want your phone communication to remain as stable as possible, right?).

    If you have a firewall, use it for your VPN.  If you do not already have a firewall, I recommend getting one.  You are already a Cisco shop, so a Cisco ASA might be your first choice.  I am not terribly keen on Cisco firewalls though, and would recommend looking at the Juniper Netscreen.  On the lower-end, 3COM makes a deacent OfficeConnect series that supports SSL and PPTP VPNs.  SnapGear also seems to make a fairly deacent low-end (cheap) unit.

    Expert Comment

    I disagree with the answer/solution.  The main reason for the UC520 is for a branch/Office in a box. To limit the number of devices a small office will need.  If you start adding firewall appliances, third party switches etc.. it will only complicate the configuration for the users.

    The UC520 does support SSL & IPSec VPN and is configurable via CCA since version 2.0 I believe.  I have it running on my production system and several demo boxes. Works great and is a nice alternative to the IPSec VPN client.

    As for the firewall the Cisco IOS  firewall, which is what UC520 is running, is a wonderful firewall.  If you need a more advanced firewall,  yes, I agree the ASA would be a good bet.

    Just my .02

    Write Comment

    Please enter a first name

    Please enter a last name

    We will never share this with anyone.

    Featured Post

    PRTG Network Monitor: Intuitive Network Monitoring

    Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

    New Server  was moved from behind Router R2 f0/1 to behind router R1 int f/01 and has now address But we want users still to be able to connected to it by old IP. How to do it ? We can used destination NAT (DNAT).  In DNAT…
    I have seen some questions on problems with SSH/telnet access to Cisco routers that may occur despite the fact that from a PC connected to your LAN, Internet connectivity is in place and users can access Internet sites without any issues.  There are…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
    After creating this article (, I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

    759 members asked questions and received personalized solutions in the past 7 days.

    Join the community of 500,000 technology professionals and ask your questions.

    Join & Ask a Question

    Need Help in Real-Time?

    Connect with top rated Experts

    11 Experts available now in Live!

    Get 1:1 Help Now