Cisco ASA 5500 – Using a Third Party Digital Certificate
(For Identification, AnyConnect, and SSL VPN) KB ID 0000694 Problem A client asked me how to do this, so off I went to the test bench to work it out. Note: I’m this example In going to submit the request to, and issue the certificate from, my own windows domain certificate authority, you would send your request to a third party certificate authority, here’s a direct link to the certificate type you require. To use your own...
Cisco ASA5500 Change the AnyConnect Port
KB ID 0000422 Problem AnyConnect runs over TCP port 443 (That’s HTTPS/SSL), but if you only have one public IP and need to forward that port to a web server or internal host then you are a bit snookered. You can of course change the port that AnyConnect runs over, so that it’s no longer on TCP port 443. Why you would NOT want to do this. Bear in mind that https is a well known port, and its open in most places for secure...
Cisco AnyConnect – Untrusted VPN Server Blocked!
KB ID 0000651 Problem The newest versions of the AnyConnect client now show you the following; If you are seeing this you’re using the (default) self signed certificate, or you connected to an IP address rather than the FQDN. But unlike before, you can now ‘lower’ the security so it does not warn you every time. Solution 1. From the warning screen (shown above) select ‘Change Settings…’. 2. Untick...
iPhone / iPad – Using the Cisco AnyConnect Client
KB ID 0000474 Problem You have an Apple device and you would like to create a remote VPN connection to a Cisco device running AnyConnect. Note: This is not a walkthrough on how to configure AnyConnect, for that go here. Be aware that in addition to your SSL VPN licences your Cisco ASA device also needs a “AnyConnect Mobile – ASA 5510” license. If not you will receive this error. Solution 1. Firstly you need to...
Android – Using the Cisco AnyConnect Client
KB ID 0000539 Problem You have an Android device* and you would like to create a remote VPN connection to a Cisco device running AnyConnect. Note: This is not a walkthrough on how to configure AnyConnect, for that go here. Be aware that in addition to your SSL VPN licences your Cisco ASA device also needs a “AnyConnect Mobile” license. If you do not have one you will receive this error. *Note: At time of writing...