Cisco ASA SSL VPN options?
Posted
by
JonH
on Server Fault
See other posts from Server Fault
or by JonH
Published on 2014-08-14T22:08:38Z
Indexed on
2014/08/20
22:22 UTC
Read the original article
Hit count: 332
Disclaimer: I am not a network admin so I may be wrong here but I thought asking here would help. I'm a developer mainly on the .net framework as well as helping get a mobile intranet app working.
Because this app is only allowed to be used on our network I can easily run this app on our wireless network connection within our building. All is fine and dandy but we'd also like to be able to run this mobile app at say a customer plant using VPN software.
I thought surely this could be easy as we exclusively use Samsung s4 phones so I thought I'd download Cisco's Samsung any connect software to allow us to VPN...its right on the play store.
Sure enough it doesn't work. I mention it to our network admin who says not possible since we have old technology that doesn't support SSL. He mentions we'd have to upgrade all of our hardware, the firewall, etc. to get this to work.
We really need VPN on our phones not only for this app but other internal apps, etc.
He did mention the following:
We can’t upgrade the software on our ASA, because we don’t have enough memory for the new version. (the asa is very old). We can’t add more memory, so we would have to get a new firewall, which I have been told I cannot do.
In addition he also mentioned:
The Samsung AnyConnect client uses SSL to connect. With the current (old) version of software that our firewall is running, the SSL connections are unreliable. We need different hardware in order to upgrade our firewall, which we are unable to attain at this time. This is the same reason that Windows 8 clients are not able to connect.
I am curious hence me asking. vpns seem to be fairly simple to setup. What other options do I have aside from making this a public site or web service that consumes this data over the internet as this is a complete no no.
What can we do to make this work without that much effort or cost.
© Server Fault or respective owner