Cisco VPN client / F-secure Client security 9

J-C
Supporter

Cisco VPN client / F-secure Client security 9

Hi,

 

One of my customers are currently using client security on hosts in their HQ. The firewall profile used by all their hosts is "Office" in Policy manager 9.

 

Now when they connect laptops using mobile broadband + VPN they cannot access any of their internal resources, all traffic seems to be blocked.

 

Would really appreciate if someone could "point me in the right direction" and explain how to configure this correctly.

 

I myself am using Citrix Access Gateway as VPN client + Client security and this works fine. The active profile used when I connect to my company, is "Office". Actually I don´t think it changes at all regardless of how I connect, it´s always "Office".

 

Am I correct assuming that when the customer connects via VPN, they should use the profile called "Mobile", or use a "customized office profile" as I think is the case with my PC?

 

If they should use "Mobile", must I edit this / add rules for it to allow the traffic needed for them to reach their resources, e.g. remote control (RDP), access to file shares and so on? Maybe using info from the action.log file which traffic has been blocked?

 

 

Thanks in advance!

 

Regards,
JC

1 ACCEPTED SOLUTION

Accepted Solutions
Former F-Secure Employee

Re: Cisco VPN client / F-secure Client security 9

Hi,

 

Basically, both options work.

Personally I would probably use "Security level autoselection" and define conditions for "Office" profile and then use the modified "Mobile" security as a fallback rule with both Methods set to Always.

Best Regards

-Jake
Has somebody helped you? Say thanks by giving kudos. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.
9 REPLIES 9
Former F-Secure Employee

Re: Cisco VPN client / F-secure Client security 9

Hi JC, Please check this first: http://www.f-secure.com/en/web/business_global/support/article/kba/6637/s/workstation.1368/t/worksta...
Best Regards

-Jake
Has somebody helped you? Say thanks by giving kudos. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.
J-C
Supporter

Re: Cisco VPN client / F-secure Client security 9

Hi,

 

Thank you for you answer and apologies for not searching for a solution more thoroughly.


Almost all info that I needed was found in your link but I have another question after reading this:

 

To implement these settings for laptops at this customer, should I configure what is called "Security level autoselection", and add needed ports + IP addresses to the profile called "Mobile"? Then, if I understand correctly, F-secure will choose this profile when connecting via VPN / mobile broadband? And e.g. from home using wireless router etc?

 

Or could I just add them to the profile "Office" which they are currently using at their location?

 

Thanks and regards,

JC

Former F-Secure Employee

Re: Cisco VPN client / F-secure Client security 9

Hi,

 

Basically, both options work.

Personally I would probably use "Security level autoselection" and define conditions for "Office" profile and then use the modified "Mobile" security as a fallback rule with both Methods set to Always.

Best Regards

-Jake
Has somebody helped you? Say thanks by giving kudos. Has your issue been solved? Mark the post using "Accept As Solution" button to let others know.
Novice

Re: Cisco VPN client / F-secure Client security 9

Hi,

 

I also a problem with Cisco client  and F-secure. I am not able to set up a connection. I used this website:

http://community.f-secure.com/t5/End-point/Cisco-VPN-and-F-Secure-Client/ta-p/11851

 

But unfortunatly the last step (disable vsdatant) did not work for me since there was no vsdatant to disable. Is there another solution?

 

Kind regards,

 

F-Secure

Re: Cisco VPN client / F-secure Client security 9

Hi,

 

Could you provide us more information about the issue?

 

1. The article you mentioned applies to version 9.x. Which F-Secure program are you using and which version in particular?

2. Which version of the Cisco VPN client are you using?

 


Thank you.

YT
Scholar

Re: Cisco VPN client / F-secure Client security

I have the same problem.

 

I installed F-Secure Internet Security 2014 a week ago, and could not use Cisco AnyConnect Secure Mobility Client to conncet to my office computer.

 

The version on my PC is 3.1.04063.  I got an installation error when AnyConnect tried downloading 3.1.04066.

Highlighted
Former F-Secure Employee

Re: Cisco VPN client / F-secure Client security

Hi,

 

please create a support ticket by using the following form:

http://www.f-secure.com/en/web/home_global/support/contact/request

 

Please include the FSDiag report so the case is handled more quick.

Regards,
Ivan

Has somebody helped you? Give Kudos as a way to say "thanks!"
Has your issue been solved? Mark the post using the "Accept as Solution" button to let others know.
YT
Scholar

Re: Cisco VPN client / F-secure Client security

Hi,

 

I have already done that last Friday evening but had not heard from anyone yet.  See Case #00085626, and earlier online chat #00085515.

 

What is the FSDiag report?

 

 

Advocate

Re: Cisco VPN client / F-secure Client security

FSDIAG is explained here: http://www.f-secure.com/en/web/home_global/support/contact/fsdiag

 

When submitting a support request:

http://www.f-secure.com/en/web/home_global/support/contact/request 

you have an option at the bottom of that page to attach an FSDIAG file.

 

Without attaching an FSDIAG file in a support request the support technicians will not have the vital information of your system that might be needed to solve the problem.