The Cisco AnyConnect Secure Mobility Client provides an excellent solution for connecting your iPad, iPhone, or iTouch to your critical business resources. Staying productive is a key ingredient to having a business edge on your competition. If you already enjoy your “i” product for personal use Cisco AnyConnect now provides justification for all those gadgets. Now your iPad can really be for work and not trying to beat your friends high score in Angry Birds! It gets hard to justify Angry Birds as strategic planning learning credits.

Using SSLVPN technology, Cisco AnyConnect establishes a secure connection to your ASA5500 series firewall with ease. The network administrator bears the brunt of most of the work while end users just download Cisco AnyConnect from the Apple AppStore and configure a few settings.

Let’s get started with the necessary requirements.

SYSTEM REQUIREMENTS:

• AnyConnect is designed specifically for Apple iOS 4 (4.1+) (And now version 5)

• Apple iPhone 3G, 3GS, and 4

• Apple iPod touch (second, third, and fourth generations)

• Apple iPad support available after Apple iOS 4.2 – November 2010 release

I have confirmed Cisco AnyConnect works well on iPad2 and iTouch running the new iOS version 5.

Connectivity has been tested and verified with Cisco ASA5500 Series 8.3 and 8.4 code using RADIUS authentication.

You must have AnyConnect for Mobile licenses installed on the Cisco ASA5500 series firewall for each active mobile node. Note that if you are running ASA failover the license propagates to the failover unit. Here’s an example of the “show version” on a Cisco ASA5510. Note the bolded line.

Licensed features for this platform:

Maximum Physical Interfaces    : Unlimited      perpetual
Maximum VLANs                  : 100            perpetual
Inside Hosts                   : Unlimited      perpetual
Failover                       : Active/Active  perpetual
VPN-DES                        : Enabled        perpetual
VPN-3DES-AES                   : Enabled        perpetual
Security Contexts              : 2              perpetual
GTP/GPRS                       : Disabled       perpetual
SSL VPN Peers                  : 2              perpetual
Total VPN Peers                : 250            perpetual
Shared License                 : Disabled       perpetual
AnyConnect for Mobile          : Enabled        perpetual
AnyConnect for Cisco VPN Phone : Disabled       perpetual
AnyConnect Essentials          : Disabled       perpetual
Advanced Endpoint Assessment   : Disabled       perpetual
UC Phone Proxy Sessions        : 2              perpetual
Total UC Proxy Sessions        : 2              perpetual
Botnet Traffic Filter          : Disabled       perpetual
Intercompany Media Engine      : Disabled       perpetual

This platform has an ASA 5510 Security Plus license.

INSTALLATION AND CONFIGURATION

Go to the AppStore and search for “cisco anyconnect”. For example, from the iTunes store I perform a search for “cisco anyconnect”

You should find the following options: My screenshots show DOWNLOADED since I’ve already downloaded them. If you haven’t downloaded them they will display FREE.

Download and install the iPhone version for your iPhone or iTouch. Download and install the iPad version for your iPad.

Once you have the AnyConnect app installed ensure you also have the following:

• 3G/4G or WiFi access to the Internet. The AnyConnect Secure Mobility Client runs over an SSL connection to your Cisco ASA5500 series security appliance.
• Server URL or IP address (portal.yourdomain.com for example)
• Username and password configured for remote access

You can now begin the configuration process.

Tap the AnyConnect Icon from your touch screen.

Tap “OK” When asked to enable this software.

Tap “Add VPN Connection” to create a new connection. The following screen will open.

Enter a description. For example “My Work Network”

Enter a server address. For example “portal.yourdomain.com”.

Select if you want Network Roaming ON or OFF. Choosing ON tells the AnyConnect client to try to establish a connection until it succeeds. I personally find this “always on” feature very helpful if I’m roaming from a 3G connection to a WiFi or the 3G connection is lost for a moment.

Select if you want Use Certificates ON or OFF. For the purpose of this article we will use OFF since we are using RADIUS only. Certificates do offer improved security but also require a more complex configuration.

When done tap Save.

Now it’s time to launch the connection. To do this swipe the AnyConnect VPN from OFF to ON. This will automatically launch your new connection you created.

Once connected, the AnyConnect App will show you statistics about your connection. You can close the screen and launch your network application(s).

A very common use is Windows Remote Desktop connectivity to servers and or workstations. I use Jaadu or Jump Desktop. Both work well. With the plethora of apps in the AppStore you are bound to find one that meets your needs. The Cisco AnyConnect Secure Mobility Client definitely does its part to securely get you connected.

If you need assistance setting up a Cisco Secure Mobility Solution for your business contact Miocon. We have over 15 years of Cisco firewall and security experience.

Cisco AnyConnect Secure Mobility Solution:
http://www.cisco.com/en/US/netsol/ns1049/index.html

iPad User Guide for Cisco AnyConnect Secure Mobility Client:
http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect24/ios4.2-user/guide/ipad-ugac-ios4.2.html

Jaadu RDP:
http://www.jaadurdp.com/

Jump Desktop:
http://jumpdesktop.com/