Solved

ASA SSL VPN essentials

Posted on 2011-09-20
4
516 Views
Last Modified: 2012-05-12
i am looking for a easy to follow, how to setup SSL VPN essentials. i am buying the license. we are currently using the vpn client, can these co exist? i will remove old vpn cleint after ssl is installed and tested.
0
Comment
Question by:Hubman
  • 2
  • 2
4 Comments
 
LVL 18

Accepted Solution

by:
jmeggers earned 500 total points
ID: 36569488
If you're talking about the IPsec VPN client, it can coexist with the AnyConnect client.  If you're talking about the AnyConnect client itself, it's the same client for premium and Essentials licenses.  If you're talking about the old SVC client, get rid of it.

If you're setting up the VPN, my advice is to use the wizard in ASDM.  Pretty easy to follow, the big stumbling block everyone seems to hit is NAT, but if you're currently using the IPSec client you should have already addressed that.  If you're converting from IPSec over to SSL, my suggestion would be to use the existing address pool, since you've probably already addressed the no-NAT issue for that address block.
0
 
LVL 1

Author Comment

by:Hubman
ID: 36569812
Cisco AnyConnect Essentials is the one I want to install. currently using the IPSec.
0
 
LVL 1

Author Comment

by:Hubman
ID: 36570799
How many hours should it take to configure if someone knows what they are doing?
0
 
LVL 18

Expert Comment

by:jmeggers
ID: 36926748
Sorry I didn't see your follow-up question.  A basic configuration on the ASA shouldn't take long for someone who knows what they're doing. Once you know the topology and how to handle NAT, etc. There's also an XML file to set up, there are typically files that have to be loaded onto the ASA (the client itself), so total configuration on the ASA, maybe 30 minutes.  Someone who already has everything worked out, files loaded, etc. can probably do it faster than that, it's generally not more than 10 commands or so on the ASA.  Usually when I'm working with a customer the slowdowns are they don't already have a TFTP server set up, they haven't pulled the client down from CCO, etc.  Those are the things that add time to the job.

AnyConnect Essentials doesn't allow for a lot of extras such as posture assessment, etc.  Those features require premium licenses and those features do require additional time to configure in ASDM.
0

Featured Post

Surfing Is Meant To Be Done Outdoors

Featuring its rugged IP67 compliant exterior and delivering broad, fast, and reliable Wi-Fi coverage, the AP322 is the ideal solution for the outdoors. Manage this AP with either a Firebox as a gateway controller, or with the Wi-Fi Cloud for an expanded set of management features

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Concerto Cloud Services, a provider of fully managed private, public and hybrid cloud solutions, announced today it was named to the 20 Coolest Cloud Infrastructure Vendors Of The 2017 Cloud  (http://www.concertocloud.com/about/in-the-news/2017/02/0…
This past year has been one of great growth and performance for OnPage. We have added many features and integrations to the product, making 2016 an awesome year. We see these steps forward as the basis for future growth.
Both in life and business – not all partnerships are created equal. As the demand for cloud services increases, so do the number of self-proclaimed cloud partners. Asking the right questions up front in the partnership, will enable both parties …
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…

756 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question