A lot of folks are still using the old IPSEC-based Cisco VPN Client…
But Cisco has dropped support for this VPN software client in favor of the new SSL / DTLS VPN software called “Cisco AnyConnect Secure Mobility Client”.
It takes a little bit to program the firewall to get this new client to work right. I’m amazed at how expensive Cisco Press books like Cisco ASA, All-in-One Firewall, IPS, and VPN Adaptive Security Appliance, Third Edition don’t even get it exactly right.
Today I set this up with LDAP (Windows AD) integration so as to minimize the requirement for end-users to maintain two separate sets of passwords.
What are the benefits of this new client?
A) The old Cisco VPN Client is obsolete and required a registry hack to make it work on Win8 (and even then sometimes it's buggy). For new versions of Windows currently in development, the old Cisco client will not work at all.
B) Deployment of the software client does not require manual distribution (it's automatically downloaded from the Firewall).
C) For customers that have Windows AD you can integrate the Firewall with AD / LDAP and they we don't need to maintain two sets of passwords anymore (of course this could also be done with IPSEC VPN Client).
D) There is a free iPAD app / VPN client in the iTunes app store.
No comments:
Post a Comment