Cisco AnyConnect – Securing with Microsoft Certificate Services
Part 2 (How to Configure AnyConnect) KB ID 0001031 Problem Back in Part 1 We configured the Microsoft Certificate Services to meet our certificate needs. Now we configure the firewall for AnyConnect. Solution 1. Log onto the ASA > Go to global configuration Mode. login as: petelong petelong@192.168.100.1’s password:********** Type help or ‘?’ for a list of available commands. Petes-ASA> enable Password: *******...
Cisco AnyConnect – Securing with Microsoft Certificate Services
Part 1 (How to Configure Microsoft Certificate Services for AnyConnect) KB ID 0001030 Problem I’ve done a lot of AnyConnect deployments, and I’ve even done them with certificates in the past. I’ve seen plenty of articles and blogs that say ‘It would be better to use a PKI deployment like Microsoft Certificate Services’, but there’s very little info out there on how to set it up. I have a client...
AnyConnect – Using a Windows DHCP Server to Lease IP Addresses to the Remote Clients
KB ID 0001050 Problem I did an AnyConnect design for a client recently, and they asked ‘Instead of using the firewall to lease the DHCP addresses to our remote clients, can we use our Windows DHCP Server?” In the past I’ve used Windows DHCP servers for IPSEC VPN clients, but more recently I’ve tended to just use the firewall. The client had some valid reasons for wanting to do so, and given the complexity of...
AnyConnect Client Fails To Get IP From Windows DHCP Server
KB ID 0001053 Problem A few days ago I did an article on AnyConnect and Windows DHCP. I ran it up on the test bench for a client, and everything worked fine. Doing the install my test ‘remote’ client failed to get an IP address. As you can see the DHCP Server (Windows Server 2012 R2) is on a different network segment to the inside of the ASA. Solution 1. First this to do was debug the connection, ‘debug webvpn...
iPhone – Taking Screenshots / Screendumps
KB ID 0000361 Problem All iPhones (above version 2 on 3G, 3GS and iPhone4) have the ability to take screenshots without having to download an app! Solution 1. Assuming you have the screen open you would like to capture, press the “Home” button, and while still having it pressed briefly press the “Sleep/Lock” button 2. The screen should “flash white” briefly and providing you are not on silent, you...
iPhone and iPad – Configure the Cisco VPN Client
KB ID 0000360 Problem You have already configured a Cisco ASA / PIX device to provide Client VPN connectivity, and you now wish to configure the iPhone/iPad Device. Solution Note: The screen shots are taken from an iPhone running (4.2.1) the process for iPad is the same. 1. Select Settings. 2. Select General. 3. Select Network. 4. Scroll to the bottom of the page and select VPN. 5. Add VPN Configuration. 6. Select IPSec. 7....
Cisco AnyConnect Error (iPhone)
KB ID 0000362 Problem While using the Apple/Cisco Anyconnect App/Client you receive the following error. Error: The secure gateway has rejected the agent’s VPN request. A New connection requires re-authentication and must be started manually. Please contact your network administrator if this problem persists. The following message was received from the security gateway: No License. Solution The most pertinent information...
iPhone / iPad – Using the Cisco AnyConnect Client
KB ID 0000474 Problem You have an Apple device and you would like to create a remote VPN connection to a Cisco device running AnyConnect. Note: This is not a walkthrough on how to configure AnyConnect, for that go here. Be aware that in addition to your SSL VPN licences your Cisco ASA device also needs a “AnyConnect Mobile – ASA 5510” license. If not you will receive this error. Solution 1. Firstly you need to...
Android AnyConnect Error
KB ID 0000537 Problem While using the Android/Cisco Anyconnect App/Client you receive the following error. Error: The secure gateway has rejected the agent’s VPN request. A New connection requires re-authentication and must be started manually. Please contact your network administrator if this problem persists. The following message was received from the security gateway: No License. Solution The most pertinent information above...
Android – Using the Cisco AnyConnect Client
KB ID 0000539 Problem You have an Android device* and you would like to create a remote VPN connection to a Cisco device running AnyConnect. Note: This is not a walkthrough on how to configure AnyConnect, for that go here. Be aware that in addition to your SSL VPN licences your Cisco ASA device also needs a “AnyConnect Mobile” license. If you do not have one you will receive this error. *Note: At time of writing...