The Cisco® VPN Client is software that enables customers to establish secure, end-to-end encrypted tunnels to any Cisco Easy VPN server. This thin-design, IP Security (IPsec)-compliant implementation is available from Cisco.com for customers with Cisco SMARTnet® support, and is included free of charge with Cisco ASA 5500 Series security appliances and most Cisco PIX security appliances. The client can be preconfigured for mass deployments and initial logins require very little user intervention. VPN access policies and configurations are downloaded from the central gateway and pushed to the client when a connection is established, allowing simple deployment and management.
The Cisco VPN Client supports Windows x86 (32-bit) XP, Vista (including SP1 & SP2), and Windows 7; Linux (Intel); Solaris (UltraSparc 32- and 64-bit); and Mac OS X 10.4 & 10.5.
The Cisco VPN Client is compatible with the following Cisco products (Cisco Easy VPN servers):
• Cisco ASA 5500 Series Software Version 7.0 and later
• Cisco IOS® Software Release 12.2(8)T and later
• Cisco VPN 3000 Concentrator Software Version 3.0 and later
• Cisco PIX® Security Appliance Software Version 6.0 and later
Features and Benefits
• Support for x86 (32-bit) XP, Vista (including SP1 & SP2), and Windows 7; Linux (Intel); Solaris (UltraSparc 32- and 64-bit); and Mac OS X 10.4 & 10.5.
• VPN Virtual Interface Adapter present on Windows XP, Vista and Windows 7
• Application Programming Interface (API) allows you to control operation of the VPN client from another application
• System coexistence with Microsoft L2TP/IPsec client
• MSI (Windows Installer) package available for Windows
• Intelligent peer availability detection (DPD)
• Simple Certificate Enrollment Protocol (SCEP)
• Data compression (LZS)
• Command-line options for connecting, disconnecting, and connection status
• Configuration file with option locking
• Support for Microsoft network login (all platforms)
• Domain Name System (DNS) including DDNS/DHCP computer name population, Split DNS,
• Windows Internet Name Service (WINS), and IP address assignment
• Load balancing and backup server support
• Centrally controlled policies (including backup server list)
• Integrated personal firewall (stateful firewall): Zone Labs technology-Windows XP only
• Personal firewall enforcement: Cisco Security Agent, Sygate, Zone Alarm-Windows only
• Integration with the iPass remote access client software, including: one-click (single sign-on), VPN auto-teardown, and Windows pre-login support-Windows only.
• Client connection auto initiation for wireless LAN environments
Cisco Easy VPN
Cisco Easy VPN, a software enhancement for existing Cisco routers and security appliances, greatly simplifies VPN deployment for remote offices and teleworkers. Based on the Cisco Unified Client Framework, Cisco Easy VPN centralizes VPN management across all Cisco VPN devices thus reducing the complexity of VPN deployments. Cisco Easy VPN enables an integration of VPN remotes-Cisco routers, Cisco ASA & PIX Security Appliances, Cisco VPN concentrators or software clients-within a single deployment with a consistent policy and key management method thus simplifying remote side administration.
Table 1. Product Specifications
Description
Specification
Operating Systems
Support for Windows x86 (32-bit) XP, Vista (including SP1 & SP2), and Windows 7; Linux (Intel); Solaris (UltraSparc 32- and 64-bit); and Mac OS X 10.4 & 10.5
IPsec (ESP) using Data Encryption Standard (DES)/Triple DES (3DES) (56/168-bit) or AES (128/256-bit) with MD5 or SHA
Key Management
Internet Key Exchange (IKE)-Aggressive and Main Mode (Digital certificates) Diffie-Hellman (DH) Groups 1, 2, and 5 Perfect Forward Secrecy (PFS) Rekeying
Data Compression
Lempel-Ziv standard (LZS) compression
Digital Certificates
• The supported enrollment mechanisms are Simple Certificate Enrollment Protocol (SCEP) and Certificates enrolled with Microsoft Internet Explorer.
