Cisco Cisco AnyConnect Secure Mobility Client v2.x Technical Manual
Two ASA 5585 running 9.5(2) code
●
AnyConnect Client 3.1.10010
●
The information in this document was created from the devices in a specific lab environment. All of
the devices used in this document started with a cleared (default) configuration. If your network is
live, make sure that you understand the potential impact of any command
the devices used in this document started with a cleared (default) configuration. If your network is
live, make sure that you understand the potential impact of any command
Background Information
Multi-context is a form of virtualization that allows multiple independent copies of an application to
run simultaneously on the same hardware, with each copy (or virtual device) appearing as a
separate physical device to the user. This allows a single ASA to appear as multiple ASAs to
multiple independent users. The ASA family has supported virtual firewalls since its initial release;
however, there was no virtualisation support for Remote Access in the ASA. VPN LAN2LAN (L2L)
support for multi-context was added for the 9.0 release. From 9.5.2 multi-context based
virtualisation support for VPN Remote Access (RA) connections to the ASA.
run simultaneously on the same hardware, with each copy (or virtual device) appearing as a
separate physical device to the user. This allows a single ASA to appear as multiple ASAs to
multiple independent users. The ASA family has supported virtual firewalls since its initial release;
however, there was no virtualisation support for Remote Access in the ASA. VPN LAN2LAN (L2L)
support for multi-context was added for the 9.0 release. From 9.5.2 multi-context based
virtualisation support for VPN Remote Access (RA) connections to the ASA.
Supported Features
AnyConnect 3.X+ SSL connectivity (IPv4, IPv6)
●
Centralized AnyConnect image configuration
●
AnyConnect image upgrade
●
Unsupported Features
IKEv2, IKEv1
●
Stateful Failover
●
Flash virtualization
●
AnyConnect image configuration per context
●
WebLaunch
●
Client profile download
●
DAP and CoA
●
CSD/Hostscan
●
VPN Load-balancing
●
Username-from-certificate and prefill-username
●
Customization/Localization
●
Licensing
AnyConnect Apex license required
●
Essentials licenses ignored/not allowed
●
Configurability to control maximum license usage per context
●
Configurability to allow license bursting per context
●
Configure
This section describes how to configure the Cisco ASA as a Local CA server.