Solved

ASA SSL VPN essentials

Posted on 2011-09-20
4
512 Views
Last Modified: 2012-05-12
i am looking for a easy to follow, how to setup SSL VPN essentials. i am buying the license. we are currently using the vpn client, can these co exist? i will remove old vpn cleint after ssl is installed and tested.
0
Comment
Question by:Hubman
  • 2
  • 2
4 Comments
 
LVL 18

Accepted Solution

by:
jmeggers earned 500 total points
ID: 36569488
If you're talking about the IPsec VPN client, it can coexist with the AnyConnect client.  If you're talking about the AnyConnect client itself, it's the same client for premium and Essentials licenses.  If you're talking about the old SVC client, get rid of it.

If you're setting up the VPN, my advice is to use the wizard in ASDM.  Pretty easy to follow, the big stumbling block everyone seems to hit is NAT, but if you're currently using the IPSec client you should have already addressed that.  If you're converting from IPSec over to SSL, my suggestion would be to use the existing address pool, since you've probably already addressed the no-NAT issue for that address block.
0
 
LVL 1

Author Comment

by:Hubman
ID: 36569812
Cisco AnyConnect Essentials is the one I want to install. currently using the IPSec.
0
 
LVL 1

Author Comment

by:Hubman
ID: 36570799
How many hours should it take to configure if someone knows what they are doing?
0
 
LVL 18

Expert Comment

by:jmeggers
ID: 36926748
Sorry I didn't see your follow-up question.  A basic configuration on the ASA shouldn't take long for someone who knows what they're doing. Once you know the topology and how to handle NAT, etc. There's also an XML file to set up, there are typically files that have to be loaded onto the ASA (the client itself), so total configuration on the ASA, maybe 30 minutes.  Someone who already has everything worked out, files loaded, etc. can probably do it faster than that, it's generally not more than 10 commands or so on the ASA.  Usually when I'm working with a customer the slowdowns are they don't already have a TFTP server set up, they haven't pulled the client down from CCO, etc.  Those are the things that add time to the job.

AnyConnect Essentials doesn't allow for a lot of extras such as posture assessment, etc.  Those features require premium licenses and those features do require additional time to configure in ASDM.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
Exchange server is not supported in any cloud-hosted platform (other than Azure with Azure Premium Storage).
As a trusted technology advisor to your customers you are likely getting the daily question of, ‘should I put this in the cloud?’ As customer demands for cloud services increases, companies will see a shift from traditional buying patterns to new…
Both in life and business – not all partnerships are created equal. Spend 30 short minutes with us to learn:   • Key questions to ask when considering a partnership to accelerate your business into the cloud • Pitfalls and mistakes other partners…

895 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

15 Experts available now in Live!

Get 1:1 Help Now