Necessary certificate on ASA 5510 for Cisco Secure Desktop?

Similar Questions

• All necessary licenses on ASA 5510 for old Cisco VPN Client

  We're trying to migrate our firewall Watchguard to a Cisco ASA 5510, who bought some time ago. For some reason, all of our users have already installed the old Cisco VPN client. I think it will work. Are there licensing issues on the 5510 I had to be concerned with?  No matter what special config that needs to be done on the 5510?

  Fix. You don't require licensing of AnyConnect of any type of configuration and the use of IKEv1 IPsec remote access VPN (which use the old Cisco VPN client).

  You will be limited to 250 active IPsec peers (remote access more no matter what VPN site-to-site) by the platform (hardware) device capabilities that are enforced by the software.

• Windows 2003 & Management Center for Cisco Security Agents

  I'm sorry if this question has been asked before, but I was unable to see the answer here.

  The management center of CiscoWorks for Cisco Security Agents can be installed on a Windows 2003 Server?

  I'm asking because I am that it is difficult to find a new server that comes with Windows 2000.

  I'm not in the office at the moment, but I think the version I have is 4.5.

  Thank you

  Ian

  You're welcome and good luck.

• Cisco Secure Desktop installation

  Hello world

  I am very beginner in cisco device. in my Office I have vpn 3000 Concentrator and would use the secure desktop cisco with her

  succeced, I have install Secure Desktop version 3.1.1.45. to test, I would run cisco secure desktop from my client computer (XP). that means url I enter in the internet browser?

  Thank you

  ADI

  You would https to the public ip address of VPN concentrator.

  Here is more information on how to configure CSD on VPN hub for your reference:

  / * Style definitions * / table. MsoNormalTable {mso-style-name: "Table Normal" "; mso-knew-rowband-size: 0; mso-knew-colband-size: 0; mso-style - noshow:yes; mso-style-priority: 99; mso-style - qformat:yes; mso-style-parent:" ";" mso-padding-alt: 0 cm 0 cm 5.4pt 5.4pt; mso-para-margin: 0 cm; mso-para-margin-bottom: .0001pt; mso-pagination: widow-orphan; font-size: 11.0pt; font family: 'Calibri', 'sans-serif"; mso-ascii-font-family: Calibri; mso-ascii-theme-make: minor-latin; mso-hansi-font-family: Calibri; mso-hansi-theme-make: minor-latin; mso-bidi-font-family:"Times New Roman"; mso-bidi-theme-make: minor-bidi ;}"}

  http://www.Cisco.com/en/us/partner/docs/security/CSD/csd311/csd_for_vpn3k_cat6k/configuration/guide/CSDprefc.html

  Hope that helps.

• On the Cisco secure desktop PC emulator

  We have an ASA 5550.  We need to install the software host explore on each computer so that users can make payroll on the mainframe.  It is possible to install this software on the Cisco Secure Desktop uses SSL client so that it is unnecessary to install Explorer host on each computer?

  Thank you.

  Diane

  No, you can not use CSD to install the software you want to install. CSD provides a virtual office to provide the secure environment when you connect via VPN/SSL. CSD is not like citrix or RDP unfortunately.

• Where can I download Cisco Secure Desktop (CSD)?

  I need to download Cisco Secure Desktop and I followed the link provided below of cisco... but he gave sent me to a different link.

  http://www.Cisco.com/c/en/us/TD/docs/security/CSD/csd34/configuration/gu...

  http://www.Cisco.com/cgi-bin/tablebuild.pl/secureDesktop

  Help please!

  If you have found useful information, please mark it as correct.

  Thank you.

• pre-opening Cisco Secure Desktop policies

  Hello

  We just do 2 updates on our asa 5510...

  1. we have improved our ASA 5510 6.21 to 6.41 firmware

  2. we have also improved for the last package of csd

  (we have improved from 3.5.841 to 3.5.2008)

  After 2 refills, it seems that all my policies pre-opening disappeared

  I try to activate / disable the CSD and they won't come back...

  I only have the default policy

  What can I do to get back them?

  any clues on this?

  Thanks for the help!

  You will not be able to recover it, but check to see if one of your old configuration still exists in flash.

  The CSD is stored in a file called "data.xml", there is on the flash of the SAA in the sdesktop directory. You can try to tftp this disabled the flash of the ASA file and see if it contains no remenants of your previous config of csd.

  CD desktop

  dir

  (you should see the file called "Data.xml")

  copy tftp flash:/sdesktop/data.xml

  If when you view this file you don't see one of your old settings of localization of CSD, then I think you'll be out of luck unless you have a copy saved to another location.

  -heather

  Don't forget to note all the messages you help and mark the issue as resolved.

• Cisco secure desktop

  Hello

  Please need help here,

  I have pre-opening policies configured on my ASA 5520 (9.1. (4-6)) and adsm 7.5 (1)) but I am not able to see the page on ASDM pre-opening,

  screen_shot_2015-10 - 16_at_00.00.56.png

  

  Any suggestion?

  Kind regards

  AM

  You can use Anyconnect 4.x or 3.x with policies before logon. As long as you have installed version 3.x of the hostscan image on your ASA.  You may need to downgrade the ASDM version.

  However being inform security risk on shared bugs previously mentioned.

  It will be useful.

  -Randy-

• Cisco Secure Desktop - can you allow to download Java applet

  Hello

  I am CSD test and were invited to provide access to a web site that tries to open it and insert a Java Applet which enabels user to use a finance app.

  However, I set up the CSD, I get an error when the finance Java applet tries to install.

  Is there a way to allow this Java to be installed on the CSD?

  Thanks for any help/suggestions

  concerning

  Bryn

  Perhaps this document could gve you an idea.

  http://www.Cisco.com/en/us/products/sw/secursw/ps2308/products_configuration_guide_book09186a008042102a.html

• ASA 5510 - tips for setting up - no internet

  Hi all

  I'll set up an ASA 5510 for the first time using the GUI.

  I put 0/0 0/1 and outside as inside.

  I set up outside with the static WAN address, and it is connected to my ISP.

  But I can't do everything Internet works on the inner harbor. I've read elsewhere, I need to add a static route. Can someone please advise?

  You must place a default route to carry traffic from inside to outside. Use the GUI to place a static route 0.0.0.0 0.0.0.0 for the ip address of your next hop ip of the connection to the ISP.

  Sent by Cisco Support technique Android app

• VPN on ASA-5510 with Configure a dynamic encryption card

  Hi all

  My name is ping, I have ASA-5510 for site to site VPN configuration, but am not clear with a few conifguration on ASA-5510 series, not sure on poin than, when I install on other sets of cisco router I can use

  ASA2 (config) #crypto card outside-card 10 ipsec-isakmp

  % NOTE: this new map encryption will remain disabled until a peer

  and a valid access list have been configured.

  ........

  but, when I configure ASA 5510 it as below:

  mtelcoASA2 (config) # crypto?

  set up the mode commands/options:

  CA Certification Authority

  dynamic-map set up a dynamic encryption card

  IPSec transform-set set, life of the IPSec Security Association and fragmentation

  ISAKMP configure ISAKMP

  main activities key long-term

  card to configure an encryption card

  ASA2 (config) # map outside-map 10 ipsec-isakmp crypto ?

  set up the mode commands/options:

  Entry dynamic is a dynamic map

  "Set up a dynamic crypto map" which uses for and why I can't use only "map outside-map 10 ipsec-isakmp crypto" and if not can't, can I skip this command or tell me the other way with explanation with nicely,

  Thank you very much

  hot topic,

  Ping,

  Just use crypto card outside-map 10 match/set without ipsec-isakmp key word and it will be fine.

• Issue of ASA 5540 and secure desktop Configuration

  Hey guys, I have the program installation and tested AnyConnect VPN and Cisco Secure Desktop successfully.

  Here's my question: is it possible to install two groups of VPN users, using Secure Desktop and who does not. Example of the groups below:

  Group 1: Corporate computers laptops that are not standard AnyConnect VPN Secure Desktop client.

  Group 2: Contractor and personal computers that cannot use the Cisco Secure Desktop via AnyConnect VPN.

  Thanks for you help guys!

  It is now possible to the 8.2.1. You can disable the CSD on a per database connection profile, you use Group URL subject.

• Cisco Anyconnect/WebVPN license for ASA 5510

  Hello

  Someone could please check the licenses for ASA 5510 attachment and let me know. We currently have ASA 5510 with basic license. According to the table attached under VPN sessions, he mentions that "250 combined SESSIONS IPSec and WebVPN" and to "Max box of WebVPN Session" it is mentioned that 2nd meeting, exceeding that we must buy license optional webvpn. While we the 250 combined license for IPSec and webVPN. We must purchase additional anyconnect license to set up remote access for users who want to use the internal resources from outside the network. OrElse, we don't have to purchase license and can configure webvpn/anyconnect of existing combined license existing users basic ASA license? Waiting for your response. Thank you.

  You are welcome.

  1 Yes

  2 AnyConnect requires no Java, but it can he use when connecting to one AnyConnect SSL VPN client and launch the Web browser option start Java-based. There was a bug with the AnyConnect old versions had later who should have addresses. You also have the option to launch via IE and using ActiveX or simply throw AnyConnect directly - neither of these two methods require Java.

  Here is a document TAC on the Java questions if you want more details.

  Please take a moment to note the useful messages and mark your answers questions.

• Cisco ASA 5510 multiple dynamic config VPN L2L necessary

  Hello

  We have a Cisco asa 5510 with static IP address. Also, we have a remote office with a dynamic IP address. We now have a dynamic to static VPN configured L2L. And now, we must add new tunnel to another site with a dynamic IP address. Is this possible? Does anyone have an example of woking, or manual?

  Oleg Kobelev

  The config only you need in the ASA is: -.

  (1) set of crypto processing

  (2) political ISAKMP

  (3) dynamic Crypto map

  (4) default group L2L & PSK

  (5) Config RRI (reverse Route Injection)

  HTH >

• Cisco ASA 5510 + license + AIP - SSM

  Hello.

  I have this box.

  I have a few questions about it.

  (1) I'll be able to update the firmware (from 8.2 to 8.3 or greater for example) without smarnet for ASA 5510? And what can not do without smartnet?

  (2) I have only AIP-SSM-10 module this ASA 5510. is there a smartnet, too? And when I buy only one module is it build in a subscription for 1 year for the signatures of the IPS?

  (3) if I have the Cisco ASA 5510 base license, my IPS on AIP-SSM-10 will work?

  (4) as I foresee in a purchase of the year a 5510 more with the same module and mount ther of failover. I really need license Security more than failover (active / standby)? For active/active, I know I need one, Yes?

  Please help me.

  (1) you must Smartnet in order to download the software from the download from cisco.com site.

  (2) Yes, there is also a smartnet for the AIP module. Module AIP does not come with one year subscription, but you can ask for a demo license.

  (3) Yes, the basic license is OK for the AIP module.

  (4) Yes, you would need license security more on the two ASA to be able to run any type of failover on ASA5510.

  Hope that answers your questions.