“Remote” with a Cisco router
Secure Remote Access
The optimal solution for organizing secure remote access to corporate resources is the use of specialized devices and software. At the same time, one should not forget about the most common class of devices – Cisco routers. Many organizations have these devices and therefore can effectively support the business in conditions when remote work of employees has become mandatory.
The current models for Cisco corporate customers are series routers ISR 1000, ISR 4000, ASR 1000as well as virtualized series Cisco CSR1000v.
What do Cisco routers offer for secure remote access?
For creating Remote Access VPN technology recommended Cisco FlexVPN, which allows you to create and share on the same device different types of VPNs (Site-to-Site, Remote Access).
Two methods of using Cisco FlexVPN for organizing Remote Access are most common and in demand:
- IKEv2 IPSec VPN – supported on Cisco ISR 1000, ISR 4000, ASR 1000, CSR1000v. Setup: IOS / IOS-XE router for IKEv2 VPN
- SSL VPN – supported on Cisco CSR1000v, as well as on some previous generation Cisco router models. Setup:
IOS-XE router for SSL VPN (CSR only)
IOS router for SSLVPN
- FlexVPN’s general principles and capabilities (and more) are well reflected in the Cisco Live 2020 Session BRKSEC-3054
- The main VPN client that supports these technologies and is installed on computers and mobile devices is Cisco AnyConnect Secure Mobility Client. Downloading and using this software requires the purchase of appropriate licenses.
- If you are an existing Cisco client, but at the same time you do not currently have enough AnyConnect licenses for use with Cisco routers, write to us at security-request@cisco.com with the domain to which your Smart-Account is registered. If you do not already have a Smart-Account, you will need to create one here (more in Russian)
Customer Support for COVID-2019 Distribution
Cisco invites you to spend quarantine and self-isolation time productively and invest your time in knowledge. Next week March 23-27, 2020 we will organize an engineering marathon “Corporate networks are all in order. Deep dive” for engineers and network experts, which is an excellent opportunity for a deep immersion in modern technology for all those who have long wanted to attend Cisco courses, but for some reason could not.
Details about the Marathon and registration
Additionally, we recommend that everyone familiarize themselves with the following Cisco resources:
- www.cisco.com/c/m/en_us/covid19.html
- www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/215331-anyconnect-implementation-and-performanc.html
- Cisco Offers Secure Remote Access
- Step-by-step instructions on how to quickly deploy the most scalable Remote-Access VPN access scheme based on AnyConnect and Cisco ASA – VPN Load Balancing Cluster.
Be healthy and take care!