Dear Fawad , that is very good question, which I am also looking for answer
what is the true replacement of the of legacy IPSec Client v5.0?
regards
Waleed
CCIE 36851 (Security),CISSP,CCSP,CCNP,CCNA
Date: Tue, 29 Jul 2014 20:12:36 +0200
From: pio...@ipexpert.com
To: fawa...@gmail.com
CC: ccie_security@onlinestudylist.com
Subject: Re: [OSL | CCIE_Security] Any connect IPSec client.
Fawad
It should be like you say but to be honest I am not quite sure - maybe at some
point it will try to refresh the profile which would break connectivity.
Regards,
Piotr Kaluzny : Sr Instructor : iPexpertCCIE # 25665 :: Security
:: World-Class Cisco Certification Training
Direct: +1-810-326-1444
:: Free Videos
:: Free Training / Product Offerings
:: CCIE Blog
:: Twitter
On Tue, Jul 29, 2014 at 7:46 PM, Fawad Khan <fawa...@gmail.com> wrote:
Thank you Piotr,In other words can we disable the webvpn, after the users have
downloaded the profile?
RegardsFawad Khan
On Tuesday, July 29, 2014, Piotr Kaluzny <pio...@ipexpert.com> wrote:
Hi Fawad
SSL cert is needed so you can build a clientless tunnel with the ASA to
download AnyConnect Profile. The Profile contains the settings for the AC
client itself and it will also populate a list of servers along with a protocol
to be used for the connection. So if you configured IPSec in the Profile, all
subsequent connections should negotiate VPN using IKE/IPSec instead of SSL.
Regards,
Piotr Kaluzny : Sr Instructor : iPexpertCCIE # 25665 :: Security
:: World-Class Cisco Certification Training
Direct: +1-810-326-1444
:: Free Videos
:: Free Training / Product Offerings
:: CCIE Blog
:: Twitter
On Tue, Jul 29, 2014 at 12:19 AM, Fawad Khan <fawa...@gmail.com> wrote:
I have a very stupid question. I hope I'll get an intelligent answer here.
Does the Cisco Anyconnect IPSec client really need SSL cert to be installed on
the firewall?
If yes, then how does it remain a IPSec client only?
In other case, what is the true replacement of the of legacy IPSec Client v5.0?
Thank you in advance.
RegardsFawad Khan
--
Fawad Khan"This message is sent using a smartphone application , I apologize
for any spelling or grammatical mistake also if the message is too short in
length or description".
Thank you.
_______________________________________________
Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos ::
iPexpert on YouTube: www.youtube.com/ipexpertinc
--
Fawad Khan"This message is sent using a smartphone application , I apologize
for any spelling or grammatical mistake also if the message is too short in
length or description".
Thank you.
_______________________________________________
Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos ::
iPexpert on YouTube: www.youtube.com/ipexpertinc
_______________________________________________
Free CCIE R&S, Collaboration, Data Center, Wireless & Security Videos ::
iPexpert on YouTube: www.youtube.com/ipexpertinc
