Configuring AnyConnect VPN Client Connections – Cisco ASA 5505 User Manual


Cisco ASA 5500 Series Configuration Guide using the CLI

Chapter 75

Configuring AnyConnect VPN Client Connections

This section describes how to configure AnyConnect VPN Client Connections and covers the following
topics:

Information About AnyConnect VPN Client Connections

Licensing Requirements for AnyConnect Connections

Guidelines and Limitations

Configuring AnyConnect Connections

Configuring Advanced AnyConnect Features

Configuration Examples for Enabling AnyConnect Connections

Feature History for AnyConnect Connections

Information About AnyConnect VPN Client Connections

The Cisco AnyConnect Secure Mobility Client provides secure SSL and IPsec/IKEv2 connections to the
ASA for remote users. Without a previously installed client, remote users enter in their browser the
IP address of an interface configured to accept SSL or IPsec/IKEv2 VPN connections. Unless the ASA is
configured to redirect http:// requests to https://, users must enter the URL in the form https://<address>.

After entering the URL, the browser connects to that interface and displays the login screen. If the user
satisfies the login and authentication, and the ASA identifies the user as requiring the client, it
downloads the client that matches the operating system of the remote computer. After downloading, the
client installs and configures itself, establishes a secure SSL or IPsec/IKEv2 connection and either
remains or uninstalls itself (depending on the configuration) when the connection terminates.

In the case of a previously installed client, when the user authenticates, the ASA examines the revision
of the client, and upgrades the client as necessary.

When the client negotiates an SSL VPN connection with the ASA, it connects using Transport Layer
Security (TLS), and optionally, Datagram Transport Layer Security (DTLS). DTLS avoids latency and
bandwidth problems associated with some SSL connections and improves the performance of real-time
applications that are sensitive to packet delays.

The AnyConnect client can be downloaded from the ASA, or it can be installed manually on the remote
PC by the system administrator. For more information about installing the client manually, see the
Cisco AnyConnect VPN Client Administrator Guide.
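
Three of the behaviours described above (the http:// to https:// redirect, whether the client remains installed, and DTLS) each correspond to a configuration line. The following is an added example, not taken from the Cisco guide: a Python check over a constructed running-config excerpt that reports those settings. It assumes the `http redirect`, `enable <interface>` (under `webvpn`), `anyconnect keep-installer` and `anyconnect ssl dtls enable` command forms; the interface names, group-policy names and `audit_anyconnect` function are hypothetical.

```python
import re

# Constructed sample of an ASA running-config excerpt (names are hypothetical).
SAMPLE_CONFIG = """\
http redirect outside 80
webvpn
 enable outside
 enable dmz
 anyconnect image disk0:/anyconnect-win-<version>-k9.pkg 1
 anyconnect enable
group-policy RemoteUsers attributes
 webvpn
  anyconnect keep-installer installed
  anyconnect ssl dtls enable
group-policy Contractors attributes
 webvpn
  anyconnect keep-installer none
"""

def audit_anyconnect(config: str) -> dict:
    """Report redirect coverage and per-policy client settings."""
    redirect, webvpn_ifaces, policies = set(), set(), {}
    section = policy = None
    for line in config.splitlines():
        text = line.strip()
        if not text:
            continue
        if not line.startswith(" "):  # unindented line starts a new top-level command
            section, policy = text.split()[0], None
            m = re.match(r"http redirect (\S+)", text)
            if m:
                redirect.add(m.group(1))
            m = re.match(r"group-policy (\S+) attributes", text)
            if m:  # None means the setting is not stated explicitly in this policy
                policy = policies.setdefault(m.group(1), {"keep_installer": None, "dtls": None})
            continue
        if section == "webvpn" and (m := re.match(r"enable (\S+)", text)):
            webvpn_ifaces.add(m.group(1))
        elif policy is not None:
            if m := re.match(r"anyconnect keep-installer (\S+)", text):
                policy["keep_installer"] = m.group(1)
            elif m := re.match(r"(no )?anyconnect ssl dtls enable", text):
                policy["dtls"] = m.group(1) is None
    return {
        "webvpn_interfaces": sorted(webvpn_ifaces),
        "no_http_redirect": sorted(webvpn_ifaces - redirect),
        "policies": policies,
    }
```

Interfaces listed under `no_http_redirect` accept VPN connections but leave users to type the https:// form themselves, which is the case the text above describes.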
