Using a Cisco VPN on iPad and incorporating RSA tokens

Hello community of Cisco,

I have what seems like a simple question.  I have almost no experience network so hopefully someone here can answer that.  I have this project iPad for my internship in which they want to create a remote access to their network using a VPN and a soft/hard security token.  It seems that they already use hard tokens RSA for their current home VPN connections.  They use portable computers to their home but want to start using iPads as well.  So my question is, an iPad can support a Cisco VPN using hard tokens RSA authentication? I just need a concrete answer to the management of work and literally just give them somewhere to start.  Thank you for taking the time to read my question and reply.

Phil

Phil,

AnyConnect on iphone/ipad/ipod should be able to handle hardtoken auth, but with softoken itegration could be problematic (the last time I heard that it was not supported at all).

M.

Tags: Cisco Security

Similar Questions

  • Unable to connect using the Cisco VPN client

    Hi all. I recently configured a 5510 ASA to allow remote access using the Cisco VPN client. The problem is that everything works fine when I connect using a modem classic or on a computer with a public address that I use for testing purposes, but whenever I try to connect with on an ADSL line, I can't access to the resources. I have connection and after that nothing, I can not achieve anything.

    I enclose the relevant configuration information in the attachment. Any help is welcome.

    Depending on the version, add...

    ISAKMP nat-traversal

    or

    ISAKMP nat-traversal crypto

    Should be all you need.

  • Cisco VPN client, PIX, and proxy

    Hi.I have problem in my company. We have users that go through a proxy server located in the DMZ of a PIX to the internet (allowed through the ACL of the DMZ on the outside, etc.). Which works very well.

    The problem arises when they use a Cisco VPN client to connect to another company, and they can no longer access the Internet, but may work via VPN to a remote site (client has been authorized by the Cisco PIX). Everything returns to normal when they no longer use the VPN client.

    Any ideas why this would happen?

    Without the proxy, browsing the internet via the vpn connection, or split tunnel is configured and you are leaving locally. If split tunnel is configured, the ip address of proxy server can overlap with the remote protected network.

    Fortunately, it is easy for you to know how the vpn is configured, just check the route details of vpn client statistics tab.

    Verify that the routing table local pc will also help you to solve this problem.

  • 3005 integrated VPN with ACS and server RSA auth

    Hi guys, I have a VPN 3005, using the version 4.7.2.B version, and I have the following problem.

    When a remote user using the Cisco VPN client tries to connect to the VPN 3005, it must try twice to authenticate.

    The first test, the user is authenticated, but the connection is immediately undermined by the peer.

    After the second attempt, the user is authenticated ok.

    Pablo,

    When you use RADIUS authentication on the hub, the ACS server will automatically send all the attributes of the user towards the concentrator for the user who is connecting. There is no need to have the authorization to be configured on the RADIUS server.

    According to the newspapers, it looks like the IP pool is the problem.

    [GroupP] user group [tuser] obtained IP addr (192.168.32.128) before launching the Cfg Mode (active XAuth)

    Subnet mask of the user [tuser] sending [GroupP] (255.255.255.224) group to the remote client

    User group [GroupP] [tuser] attempt to assign network or broadcast IP address, remove (192.168.32.128) of the

    After that, I see the customer negotiation again and the client is connected.

    Thus, the IP address is removed from the pool. Please make sure that you set up a pool that does not have a broadcast IP address.

    Thank you

    Gilbert

    Write it down, if this post can help.

  • AnyConnect + possible PSK (pre-shared key) as under with cisco vpn client ikev1 and ikev2

    Is it possible to create a VPN Anyconnect of RA with just the name of user and password + pre-shared key (Group) for the connection, as could do for ikev1 with cisco VPN client? I am running 8.4.X ASA code and looks like tunnel-group commands have 8.2.X somewhat change. If you change the group type of the tunnel for remote access, now there is no option for IKEv2 PSK. This is only available when you choose the type

    Type of TG_TEST FW1 (config) # tunnel - group?

    set up the mode commands/options:
    Site IPSec IPSec-l2l group
    Remote access using IPSec-IPSec-ra (DEPRECATED) group
    remote access remote access (IPSec and WebVPN) group
    WebVPN WebVPN Group (DEPRECATED)

    FW1(config-tunnel-General) # tunnel - group TG_TEST ipsec-attributes
    FW1(config-tunnel-IPSec) #?

    configuration of the tunnel-group commands:
    any required authorization request users to allow successfully in order to
    Connect (DEPRECATED)
    Allow chain issuing of the certificate
    output attribute tunnel-group IPSec configuration
    mode
    help help for group orders of tunnel configuration
    IKEv1 configure IKEv1
    ISAKMP policy configure ISAKMP
    not to remove a pair of attribute value
    by the peer-id-validate Validate identity of the peer using the peer
    certificate
    negotiation to Enable password update in RADIUS RADIUS with expiry
    authentication (DEPRECATED)

    FW1(config-tunnel-IPSec) # ikev1?

    the tunnel-group-ipsec mode commands/options:
    pre-shared key associate a key shared in advance with the connection policy

    I'm getting old so I hope that it is not in another complaint curmudgeonly on the loss of functionality. :)

    Many small businesses do not want to invest in the PKI. It is usually a pain to deploy, backup, make redundant, etc..

    But it would be nice to have a bit more security on VPN other than just the connections of username and password.

    If this is not possible, it is possible to configure the Anyconnect customer to IKEv1 with PSK and name at the level of the Group client?

    If this is not possible, WTH did cisco end customer VPN cisco as a choice of VPN connection (other than to get more fresh mail of license)?

    I really hope that something like this exists still!

    THX,

    WR

    You are welcome

    In addition to two factors, you can also do double authentication (ie the two using the user name and password). Each set of credentials can come from a Bank of different identities.

    With this scheme, you can can configure a local user name (common) with password on the SAA (think of it as your analog PSK) and the other be the AD user identification information.

  • Cisco VPN client v5 and integration Active Directory 2008

    Hi all

    I need to know if I can integrate Single Sign On for my Cisco VPN Client v.5 with my Active Directory which run on windows 2008

    THX in advance

    No, unfortunately, Single Sign On is only supported on Clientless SSL VPN (WebVPN), not on the IPSec VPN Client AnyConnect VPN Client.

  • How to connect to the CISCO VPN server without using the CISCO VPN client (from dialog Windows VPN)

    Hello world

    I have a cisco router 2800 installed in our company
    and I have it configured as a VPN server for professional help (cisco configuration)
    with the ease of the VPN Server Wizard
    Can I connect to this server using windows XP or 7 dialog VPN?

    Hello

    Your question of Windows 7 is more complex than what is generally answered in the Microsoft Answers community. It is better suited for the IT Pro TechNet public. Please post your question in the TechNet Forum. You can follow the link to your question:
    http://social.technet.Microsoft.com/forums/en-us/w7itpronetworking/threads

    I hope this helps!

  • L2l using routers Cisco VPN question

    I can successfully configure an L2L IPSec VPN between two ASAs but using a similar configuration on Cisco routers, I can't establish a tunnel ping to the local LAN interface on the other, but two, NY and Burlington, routers can ping each and other WAN interface. Here is the configuration of routers and a version of the show; I have attached the config files complete and the screenshot of the topology.
    I appreciate all help.
    The f

    F0/0 - ISP - F0/0 Burlington NY

    See the version

    Cisco IOS Software, software 3600 (C3640-IK9S-M), Version 12.4 (25), RELEASE SOFTWARE (fc1)
    Technical support: http://www.cisco.com/techsupport
    Copyright (c) 1986-2010 by Cisco Systems, Inc.
    Updated Thursday, August 18, 10 06:59 by prod_rel_team

    ROM: ROMMON emulation Microcode
    ROM: 3600 Software (C3640-IK9S-M), Version 12.4 (25), RELEASE SOFTWARE (fc1)

    The availability of NY is 0 minutes
    System returned to ROM by unknown charge cause - suspect boot_data [BOOT_COUNT] 0 x 0, BOOT_COUNT 0, BOOTDATA 19
    System image file is "tftp://255.255.255.255/unknown".

    Cisco 3640 (R4700) Prozesseur (revision 0xFF) 124928K / 6144K bytes of memory.
    Card processor ID FF1045C5
    R4700 CPU at 100 MHz, 33, Rev 1.2 implementation
    2 FastEthernet interfaces
    Configuration of DRAM is wide with parity 64-bit capable.
    125K bytes of NVRAM memory.
    8192 K bytes of processor onboard flash system (read/write)

    Configuration register is 0 x 2102

    NY router

    crypto ISAKMP policy 1
    BA aes 256
    preshared authentication
    Group 2
    address of ThisIsAWeekKey key crypto isakmp 172.16.2.2
    !
    !
    Crypto ipsec transform-set esp - aes 256 esp-sha-hmac L2L
    !
    Burlington 1-isakmp ipsec crypto map
    defined peer 172.16.2.2
    game of transformation-L2L
    match address Burlington-NW
    !
    !
    interface FastEthernet0/0
    address 172.16.1.2 IP 255.255.255.252
    automatic duplex
    automatic speed
    card crypto Burlington
    !
    interface FastEthernet1/0
    IP 10.0.1.1 255.255.255.0
    automatic duplex
    automatic speed
    !
    no ip address of the http server
    no ip http secure server
    !
    IP forward-Protocol ND
    IP route 0.0.0.0 0.0.0.0 172.16.1.1
    !
    !
    Burlington-NW extended IP access list
    ip licensing 10.0.1.0 0.0.0.255 10.0.2.0 0.0.0.255

    Burlington router

    crypto ISAKMP policy 1
    BA aes 256
    preshared authentication
    Group 2
    address of ThisIsAWeekKey key crypto isakmp 172.16.1.2
    !
    !
    Crypto ipsec transform-set esp - aes 256 esp-sha-hmac L2L
    !
    NY 1 ipsec-isakmp crypto map
    defined peer 172.16.1.2
    game of transformation-L2L
    match address NY - NW
    !
    !
    interface FastEthernet0/0
    IP 172.16.2.2 255.255.255.252
    automatic duplex
    automatic speed
    card crypto NY
    !
    interface FastEthernet1/0
    IP 10.0.2.1 255.255.255.0
    automatic duplex
    automatic speed
    !
    no ip address of the http server
    no ip http secure server
    !
    IP forward-Protocol ND
    IP route 0.0.0.0 0.0.0.0 172.16.2.1
    !
    !
    NY - NW extended IP access list
    IP 10.0.2.0 allow 0.0.0.255 10.0.1.0 0.0.0.255

    No problem, we learn every day

    Please kindly marks the message as answered while others can also learn from your post. Thank you.

  • Problem ACS 4.0 and Server RSA Token

    Hello

    We are having a problem trying to get 4.0 for Windows GBA authenticate users on a Server Token RSA wireless.

    Our Cisco 1200 AP series is configured for WPA2 and LEAP Authentication. He points to the ACS server for RADIUS authentication. Now, it works very well for users with a static password defined on the internal database of GBA. However, for obvious security reasons, we? d as the transmitted authentication to our server internal RSA.

    I installed RSA Agent on the same server as the ACS along (after adding the sdconf.rec file in the System32 folder). The RSA server was added to the ACS external database and a user configured to use the Token RSA server for password.

    When we try to authenticate, the ACS fails the attempt with reason? External DB passes invalid?. The same user can authenticate successfully during the use of the RSA test authentication tool that is installed on the ACS server under the RSA Agent software.

    After running some debugs a pix in front of the servers, I see traffic to and from the servers when you use the test tool (that works), but it looks like GBA doesn't? t even send traffic to the RSA server during authentication.

    Any help or advice appreciated.

    Thank you

    no no no no! Do not use EVER of RSA with WIFI + PAP.

    The token + pin can be sniffed and is good for 60 seconds... on the Wifi which is disastrous.

  • Setup for use with Cisco Anyconnect VPN IPsec

    So, I had trouble setting up VPN on our ASA 5510. I would use IPsec VPN so that we don't have to worry about licensing issues, but what I have read you can do with and always use Cisco Anyconnect. My knowledge on how to set up VPN especially in iOS version 8.4 is limited, so I've been using a combination of command line and ASDM.

    I am finally able to connect from a remote location, but once I log in, nothing else works. What I've read, you can use IPsec for client-to-lan connections. I use a pre-shared for this. Documentation is limited on what should happen after have connected you? Shouldn't be able to local access on the vpn connection computers? I'm trying to implement work. If I have VPN from home, should not be able to access all of the resources at work? According to me, because I used the command-line as ASDM I confused some of the configuration. In addition, I think that some of the default policies are confused me too. So I probably need a lot of help. Here is my current setup with the changed IP address and other things that are not related to deleted VPN.

    NOTE: We are still testing this ASA and is not in production.

    Any help you can give me is greatly appreciated.

    ASA Version 8.4 (2)

    !

    ASA host name

    domain.com domain name

    !

    interface Ethernet0/0

    nameif inside

    security-level 100

    the IP 192.168.0.1 255.255.255.0

    !

    interface Ethernet0/1

    nameif outside

    security-level 0

    IP 50.1.1.225 255.255.255.0

    !

    interface Ethernet0/2

    Shutdown

    No nameif

    no level of security

    no ip address

    !

    interface Ethernet0/3

    Shutdown

    No nameif

    no level of security

    no ip address

    !

    interface Management0/0

    No nameif

    security-level 100

    IP 192.168.1.1 255.255.255.0

    !

    boot system Disk0: / asa842 - k8.bin

    passive FTP mode

    DNS domain-lookup outside

    DNS server-group DefaultDNS

    !

    permit same-security-traffic intra-interface

    !

    network of the NETWORK_OBJ_192.168.0.224_27 object

    subnet 192.168.0.224 255.255.255.224

    !

    object-group service VPN

    ESP service object

    the purpose of the tcp destination eq ssh service

    the purpose of the tcp destination eq https service

    the purpose of the service udp destination eq 443

    the destination eq isakmp udp service object

    !

    allowed IP extended ip access list a whole

    !

    mask 192.168.0.225 - 192.168.0.250 255.255.255.0 IP local pool VPNPool

    no failover

    failover time-out period - 1

    ICMP unreachable rate-limit 1 burst-size 1

    ASDM image disk0: / asdm - 645.bin

    don't allow no asdm history

    ARP timeout 14400

    NAT (inside, outside) static source any any static destination NETWORK_OBJ_192.168.0.224_27 NETWORK_OBJ_192.168.0.224_27 non-proxy-arp-search to itinerary

    !

    the object of the LAN network

    NAT dynamic interface (indoor, outdoor)

    Access-group outside_in in external interface

    Route outside 0.0.0.0 0.0.0.0 50.1.1.250 1

    Sysopt noproxyarp inside

    Sysopt noproxyarp outdoors

    Crypto ipsec transform-set ikev1 SHA-ESP-3DES esp-3des esp-sha-hmac

    Crypto ipsec transform-set ikev1 ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac

    Crypto ipsec transform-set ikev1 ESP-DES-SHA esp - esp-sha-hmac

    Crypto ipsec transform-set ikev1 esp ESP-DES-MD5-esp-md5-hmac

    Crypto ipsec transform-set ikev1 ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac

    Crypto ipsec transform-set ikev1 ESP-3DES-MD5-esp-3des esp-md5-hmac

    Crypto ipsec transform-set ikev1 ESP-AES-256-SHA esp-aes-256 esp-sha-hmac

    Crypto ipsec transform-set ikev1 ESP-AES-128-SHA aes - esp esp-sha-hmac

    Crypto ipsec transform-set ikev1 ESP-AES-192-SHA esp-aes-192 esp-sha-hmac

    Crypto ipsec transform-set ikev1 ESP-AES-128-MD5-esp - aes esp-md5-hmac

    Crypto ipsec ikev2 ipsec-proposal OF

    encryption protocol esp

    Esp integrity sha - 1, md5 Protocol

    Crypto ipsec ikev2 proposal ipsec 3DES

    Esp 3des encryption protocol

    Esp integrity sha - 1, md5 Protocol

    Crypto ipsec ikev2 ipsec-proposal AES

    Esp aes encryption protocol

    Esp integrity sha - 1, md5 Protocol

    Crypto ipsec ikev2 ipsec-proposal AES192

    Protocol esp encryption aes-192

    Esp integrity sha - 1, md5 Protocol

    Crypto ipsec ikev2 AES256 ipsec-proposal

    Protocol esp encryption aes-256

    Esp integrity sha - 1, md5 Protocol

    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 pfs Group1 set

    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 define ikev1 transform-set ESP-AES-128-SHA ESP-AES-128-MD5 ESP-AES-192-SHA ESP-AES-192-MD5 ESP-AES-256-SHA ESP-AES-256-MD5 ESP-3DES-SHA MD5-ESP-3DES ESP-DES-SHA ESP-DES-MD5

    crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 define ikev2 AES256 AES192 AES 3DES ipsec-proposal OF

    outside_map card crypto 65535-isakmp dynamic ipsec SYSTEM_DEFAULT_CRYPTO_MAP

    outside_map interface card crypto outside

    Crypto ca trustpoint ASDM_TrustPoint0

    registration auto

    name of the object CN = ASA

    Configure CRL

    crypto ca server

    Shutdown

    string encryption ca ASDM_TrustPoint0 certificates

    certificate d2c18c4e

    864886f7 0d06092a c18c4e30 308201f3 3082015c a0030201 d 020204 2 0d 010105

    0500303e 3110300e 06035504 03130741 53413535 3130312a 2 a 864886 30280609

    02161b 41 53413535 31302e64 69676974 616c 6578 7472656d 65732e63 f70d0109

    3131 31303036 31393133 31365a 17 323131 30303331 39313331 0d 170d 6f6d301e

    365a303e 3110300e 06035504 03130741 53413535 3130312a 2 a 864886 30280609

    02161b 41 53413535 31302e64 69676974 616c 6578 7472656d 65732e63 f70d0109

    6f6d3081 9f300d06 092 has 8648 86f70d01 01010500 03818d b 30818902-00-818100-2

    8acbe1f4 5aa19dc5 d3379bf0 f0e1177d 79b2b7cf cc6b4623 d1d97d4c 53c9643b

    37f32caf b13b5205 d24457f2 b5d674cb 399f86d0 e6c3335f 031d54f4 d6ca246c

    234b32b2 b3ad2bf6 e3f824c0 95bada06 f5173ad2 329c28f8 20daaccf 04c 51782

    3ca319d0 d5d415ca 36a9eaff f9a7cf9c f7d5e6cc 5f7a3412 98e71de8 37150f02

    03010001 300 d 0609 2a 864886 f70d0101 05050003 8181009d d2d4228d 381112a 1

    cfd05ec1 0f51a828 0748172e 3ff7b480 26c197f5 fd07dd49 01cd9db6 9152c4dc

    18d0f452 50f5d0f5 4a8279c4 4c1505f9 f5e691cc 59173dd1 7b86de4f 4e804ac6

    beb342d1 f2db1d1f 878bb086 981536cf f4094dbf 36c5371f e1a0db0a 75685bef

    af72e31f a1c4a892 d0acc618 888b53d1 9b 888669 70e398

    quit smoking

    IKEv2 crypto policy 1

    aes-256 encryption

    integrity sha

    Group 2 of 5

    FRP sha

    second life 86400

    IKEv2 crypto policy 10

    aes-192 encryption

    integrity sha

    Group 2 of 5

    FRP sha

    second life 86400

    IKEv2 crypto policy 20

    aes encryption

    integrity sha

    Group 2 of 5

    FRP sha

    second life 86400

    IKEv2 crypto policy 30

    3des encryption

    integrity sha

    Group 2 of 5

    FRP sha

    second life 86400

    IKEv2 crypto policy 40

    the Encryption

    integrity sha

    Group 2 of 5

    FRP sha

    second life 86400

    Crypto ikev2 activate out of service the customer port 443

    Crypto ikev2 access remote trustpoint ASDM_TrustPoint0

    Crypto ikev1 allow outside

    IKEv1 crypto policy 10

    preshared authentication

    3des encryption

    sha hash

    Group 2

    life 86400

    IKEv1 crypto policy 65535

    preshared authentication

    3des encryption

    sha hash

    Group 2

    life 86400

    Telnet timeout 5

    SSH timeout 10

    Console timeout 0

    management-access inside

    SSL-trust outside ASDM_TrustPoint0 point

    WebVPN

    allow outside

    AnyConnect image disk0:/anyconnect-win-2.5.2014-k9.pkg 1

    AnyConnect image disk0:/anyconnect-linux-2.5.2014-k9.pkg 2

    AnyConnect image disk0:/anyconnect-macosx-i386-2.5.2014-k9.pkg 3

    profiles of AnyConnect VPN disk0: / devpn.xml

    AnyConnect enable

    tunnel-group-list activate

    internal VPN group policy

    attributes of VPN group policy

    value of server WINS 50.1.1.17 50.1.1.18

    value of 50.1.1.17 DNS server 50.1.1.18

    Ikev1 VPN-tunnel-Protocol, l2tp ipsec ikev2 ssl-client

    digitalextremes.com value by default-field

    WebVPN

    value of AnyConnect VPN type user profiles

    always-on-vpn-profile setting

    privilege of xxxxxxxxx encrypted password username administrator 15

    VPN1 xxxxxxxxx encrypted password username

    VPN Tunnel-group type remote access

    General-attributes of VPN Tunnel-group

    address (inside) VPNPool pool

    address pool VPNPool

    LOCAL authority-server-group

    Group Policy - by default-VPN

    VPN Tunnel-group webvpn-attributes

    enable VPN group-alias

    Group-tunnel VPN ipsec-attributes

    IKEv1 pre-shared-key *.

    !

    class-map inspection_default

    match default-inspection-traffic

    class-map ips

    corresponds to the IP access list

    !

    !

    type of policy-card inspect dns preset_dns_map

    parameters

    maximum message length automatic of customer

    message-length maximum 512

    Policy-map global_policy

    class inspection_default

    inspect the preset_dns_map dns

    inspect the ftp

    inspect h323 h225

    inspect the h323 ras

    Review the ip options

    inspect the netbios

    inspect the rsh

    inspect the rtsp

    inspect the skinny

    inspect esmtp

    inspect sqlnet

    inspect sunrpc

    inspect the tftp

    inspect the sip

    inspect xdmcp

    inspect the http

    class ips

    IPS inline help

    class class by default

    Statistical accounting of user

    I would recommend buy AnyConnect Essentials. The cost of the license is nominal - list of US $150 for the 5510. (piece number L-ASA-AC-E-5510 =)

    Meawwhile you can use the Cisco VPN client inherited with IKEv1 IPSec remote access VPN using profiles *.pcf.

    I believe you can also use the client Anyconnect client SSL or DTLS transport access remotely (non-IPsec) without having to buy the license Anyconnect Essentials for your ASA focus.

    As an aside, note that if you want to use AnyConnect Mobile (e.g. for iPhone, iPad, Android, Blackberry etc.clients) you will also get the additional license for it (L-ASA-AC-M-5510 =, also price US $150)

  • SafeNet and Cisco VPN Client Compatible?

    I have been using the Cisco VPN for quite awhile with no problems. Recently, we have added a Watchguard Firebox somewhere else and have installed the Client of Watchguard MUVPN, otherwise known as a customer of Safenet.

    Since the installation, I could not yet properly use the Cisco Client. If I disable the two Services of Safenet, I invited to my user id and password and connect to the Cisco Concentrator and get an ip, etc. However, I can't ping anything on the network.

    My solution is to completely uninstall both clients and reinstall the Cisco by itself. This is not very practical.

    If anyone know a fix for this I'd appreciate comments.

    Thank you

    Patrick Dunnigan

    Hi Patrick,

    I only got lucky with the SafeNet customer brand Watchguard with the 4.0.x releases of the Cisco client. I think Cisco 4.6 clients use a newer driver from the DNE or else that plays well with SafeNet.

    In any case, here's how to set up PC that requires both clients:

    First, install the Cisco VPN client. Restart the application, and then stop and disable the Windows service.

    Install the client for Watchguard, reboot as requested.

    Then, stop and set to manual both SafeNet services, then start and set to automatic the Cisco service.

    Delete the shortcut in your Start menu Startup group safecfg.exe (or the key of HKLM\MS\Windows\CurrentVer\Run, where he gets set.)

    Delete the shortcut to start for the Cisco VPN client as well.

    Whenever you want to use the Cisco customer, you can just launch the Dialer to IPSec. If you want to run the SafeNet client, stop the Cisco service, start the services of SafeNet, then run safecfg.exe. A few batch files facilitate this process for users.

    Hope that helps,

    Chris

  • Problem with the Cisco VPN and Vista client

    Hello

    I have an easy VPN server configured on a c2811 and users use the Cisco VPN client. Lately, I have users running Windows Vista 64 bit and I need to know what is the correct version of the vpn client, I have to use and the compatibility problems with the server, I configured.

    Thank you and best regards.

    Cisco VPN Client doesn't have any version that is compatible with Vista 64 bit OS. The only customer that Cisco has released that supports the 64 bit OS's AnyConnect, but it is only supported on the CISCO ASA Appliance

  • Different classes using Cisco VPN Client VPN

    Hello

    on a cisco ASA 5510, I defined a vpn group used for remote teleworkers who have access to the entire LAN using Cisco VPN Client 4.8.

    I would give to others of this client, but I need to limit their access to LAN resources, which means that I have to have two types of users:

    Remote LAN access

    access to only certain IP addresses

    Both must use the Cisco VPN client.

    How can I do?

    Thank you

    This link should help.

    http://www.Cisco.com/en/us/products/HW/vpndevc/ps2030/products_configuration_example09186a0080641a52.shtml

  • How to use Windows 7 64-bit cisco vpn client?

    Hello

    I want to use the cisco vpn client to connect to my Institute.

    I use Windows 7 64-bit edition Home premium.

    I tried several options, but nothing has worked.

    Please suggest me the correct procedure to run on my Windows 7 64 bit Home Premium Cisco vpn client.

    Thanks in advance,

    Federico

    VPNclient is not yet supported on 64-bit windows.

    However, there is a beta version of the next 5.0.7 version that does.

    Have you tried this version? If so, what are the exact symptoms?

    Edit: you can download the 5.0.7 beta here

  • Cisco VPN client 3.5.1 and Cisco ASA 5.2 (2)

    Hello

    I have a strange problem about Cisco VPN client (IPSec) with Cisco ASA. The Cisco ASA runs software version 5.2 (2). The Cisco VPN client version is 3.5.1.

    The problem is the customer able Cisco VPN to authenticate successfully with Cisco ASA, but could not PING to any LAN behind the Cisco ASA. In any case, the problem disappeared when we used the Cisco VPN version 4.6 or 4.8 of the customer. All parameters are exactly the same. What has happened? What is the cause of this problem? How can I solve this problem?

    Please advice.

    Thank you

    Nitass

    I understand your problem, I never used 3.5.1 so I thought that maybe nat - t is not enabled by default as 4.x.

Maybe you are looking for