What's NewResolves CSCuo17488 â€“ AnyConnect for iOS is vulnerable to CVE-2014-0160 â€“ Heartbleed
Disconnect AnyConnect connection before upgrading
Please make sure your AnyConnect VPN is disconnected when you upgrade. Otherwise, you may fail to connect after the upgrade with the following error: â€ťCould not connect to VPN server, Please verify internet connectivity and server address.â€ť This issue can be fixed by a device reboot.
Apple iOS Connect On Demand Considerations
To ensure proper establishment of Connect On Demand VPN tunnels after updating AnyConnect, users must manually start the AnyConnect app and establish a connection. If this is not done, upon the next iOS system attempt to establish a VPN tunnel, the error message "The VPN Connection requires an application to start up" will display.
App DescriptionAdministrators â€“ If you have any questions regarding licensing or would like evaluation licenses, please contact ac-mobile-license-request (AT) cisco.com and include a copy of "show version" from your Cisco ASA. If you already have an Essentials or Premium ASA license, you may use the automated license request tool at: https://tools.cisco.com/SWIFT/Licensing/PrivateRegistrationServlet?FormId=717.
Please note that AnyConnect for iOS requires a Cisco Adaptive Security Appliance (ASA) running software image 8.0(3).1 or later. The ASA requires an AnyConnect Mobile license (L-ASA-AC-M-55XX=), as well as either an AnyConnect Essentials (L-ASA-AC-E-55XX=) or AnyConnect Premium Clientless SSL VPN Edition (L-ASA-AC-SSL-YYYY=) license, where XX is the last two digits of your ASA model number and YYYY is the number of simultaneous users. AnyConnect Mobile and Essentials licenses are enabled per ASA, there is no per user charge for either of these licenses.
Cisco AnyConnect provides reliable and easy-to-deploy encrypted network connectivity from any Apple iOS 6 or later device by delivering persistent corporate access for users on the go. Whether providing access to business email, a virtual desktop session, or most other iOS applications, AnyConnect enables business-critical application connectivity. Through the use of Datagram Transport Layer Security (DTLS), TCP-based applications and latency-sensitive traffic (such as voice over IP [VoIP]) are provided an optimized communication path to corporate resources.
Additionally, AnyConnect support IPsec IKEv2 with Next Generation Encryption.
- Automatically adapts its tunneling to the most efficient method possible based on network constraints, using TLS and DTLS
- DTLS provides an optimized connection for TCP-based application access and latency-sensitive traffic, such as VoIP traffic
- Network roaming capability allows connectivity to resume seamlessly after IP address change, loss of connectivity, or device standby
- Wide Range of Authentication Options: RADIUS, RSA SecurID, Active Directory/Kerberos, Digital Certificates, LDAP, multifactor authentication
- Supports certificate deployment using Apple iOS and AnyConnect integrated SCEP
- Compatible with Apple iOS Connect On Demand VPN capability for automatic VPN connections when required by an application
- Policies can be preconfigured or configured locally, and can be automatically updated from the VPN headend
- Access to internal IPv4 and IPv6 network resources
- Administrator-controlled split / full tunneling network access policy
If you are an end-user and have any issues or concerns, please contact your organizationâ€™s support department. If you are a System Administrator having difficulties configuring or utilizing the Application, please contact your designated support point of contact.
If you would like to give feedback, suggestions, or leave comments directly to the team, you can reach us on Twitter by using the #anyconnect hashtag.
iPhone - http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect30/user/guide/iphone-ugac-ios.html
iPad - http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect30/user/guide/ipad-ugac-ios.html
April 26, 2014 New version 3.0.09353
February 08, 2014 New version 3.0.09266
October 16, 2013 New version 3.0.09231
September 26, 2013 New version 3.0.09179
February 13, 2013 New version 3.0.09115
December 11, 2012 New version 3.0.09097
September 20, 2010 Initial Release