Meraki

SLR · ‎Jul 3 2019

Good Day -

Any status on when we expect to have full cisco anyconnect vpn support for the MX appliances? Thank you in advance been asking for 3 years now.

Nash · ‎Jul 8 2019

I hate to be a buzzkill, @DillonofAnch17 but the sales reps have been saying "in the next 6 months" for the last couple of years. It's for reasons beyond their control, but I wouldn't get excited about AnyConnect support until you can start applying AnyConnect licenses to MX devices.

Windows 10 Client VPN scripts: Makes life better!

View solution in original post

SunnyJ · ‎Jul 5 2019

Thanks for your patience. There is no update on the status and MX is still not supporting Cisco Anyconnect VPN at this time. However, Meraki is making exciting changes on a new beta firmware - 15.x. Please check back with Support periodically for a new feature.

Thanks,

Sunny Joo

If this was helpful, click the Kudos button below. Also, If your issue was resolved, please mark the post resolved so other users can benefit in future.

lbouchard · ‎Jul 7 2019

Where can we read more about new feature of the 15.x firmware?

Roska · ‎Aug 2 2019

@lbouchard I usually check these from dashboard: Organization -> Firmware upgrades. Running beta enabled org.

NFL0NR · ‎Jul 10 2019

how much longer is 15 going to be in beta? I've been hearing about "the wonderful advancements in firmware 15" for about 6 months.

cmr · ‎Aug 29 2019

@NFL0NRfirmware stays in beta until I think ~10% of users install it, with 15.x incrementing rapidly this will take some time! We run 15.x on our production SDWAN but even with fairly regular updating we have some devices on 15.14, some on 15.15 and some on 15.16 so we aren't contributing much to the % of any of them...

If my answer solves your problem please click Accept as Solution so others can benefit from it.

DillonofAnch17 · ‎Jul 7 2019

@SLR While at Cisco Live last month I spoke with a few different Meraki employees who have spoken that the MX's will support Anyconnect eventually and it's more of a when and not if. This would be huge if it's going to be available on Beta. I will be watching closer now!

CptnCrnch · ‎Jul 8 2019

That‘d be phantastic news indeed!

Nash · ‎Jul 8 2019

I hate to be a buzzkill, @DillonofAnch17 but the sales reps have been saying "in the next 6 months" for the last couple of years. It's for reasons beyond their control, but I wouldn't get excited about AnyConnect support until you can start applying AnyConnect licenses to MX devices.

Windows 10 Client VPN scripts: Makes life better!

SLR · ‎Jul 9 2019

I second this...

Arnout · ‎Aug 29 2019

Any update regarding the AnyConnect support? I really need this!

Rebry · ‎Dec 5 2019

I am going to bounce this up again!

anyone got any news?

SLR · ‎Dec 5 2019

I got an email that is actively in development. They think they will have a beta to announce very soon.

I will believe it when I see it.

they have been saying this for years.

dadinh · ‎Feb 11 2020

Our sales rep just confirmed it going live in May this year!

Rebry · ‎Feb 11 2020

Woohoo!

It's the best news of this decade!

Roska · ‎Feb 11 2020

Seeing is believing

lbouchard · ‎Feb 11 2020

In the era of Trump and fake news, who can believe this anymore?

dadinh · ‎Feb 11 2020

well true, but I like to believe in the good in people.
Since we also asked about this feature about 2 months ago, with the answer "no date", and now Meraki proactively informed us about this, there is maybe more to it than normally.

Roska · ‎Feb 11 2020

I believe you´ve managed to get some attention and into the closed beta group. Good luck, please post reply here if you hear something. Thanks

SLR · ‎Feb 12 2020

I need in on any beta testing group for anyconnect support as we have been waiting forever since we first installed the devices into our org.

dadinh · ‎Feb 27 2020

I'm currently on a Cisco training and I got it approved again.
Anyconnect for Meraki is more or less already finished is is getting implemented into the beta now.

Jason_Reed · ‎Feb 27 2020

Wow, finally, this will be GREAT!!!

lmorel · ‎Mar 12 2020

Was told today same thing. I am getting an additional MX through SHI and my account manager was going back and forth with his Meraki point of contact. Then I remembered this thread so I asked him about AnyConnect. He came back and said that he was told AnyConnect is in beta and release should be late spring. Exciting news to say the least.

So the real question is: has anyone taken a 4K picture of Big Foot yet?

Nash · ‎Mar 13 2020

You know, I really hope we can hear from some of the beta testers.

I need to know if this will let me create multiple VPN user groups and specify split tunnel easily or not. Like, is it AnyConnect AnyConnect? Or is it AnyConnect as an SSL VPN client, but no real changes otherwise?

Windows 10 Client VPN scripts: Makes life better!

cmr · ‎Mar 13 2020

I'd bet on it being the latter option...

If my answer solves your problem please click Accept as Solution so others can benefit from it.

Nash · ‎Mar 13 2020

@cmr wrote:
I'd bet on it being the latter option...

Which is cool. I love dumping all of an end user's traffic out through my client's 10/1 Mbps DSL pipe when they're working from home and streaming music or Youtube.

Windows 10 Client VPN scripts: Makes life better!

andrewperry · ‎Mar 25 2020

In which firmware version it will be supported? I'm going to upgrade to 15.27 MX version but it seems still not mentioned... any news about it?

Roska · ‎Mar 25 2020

MX250/450 and MX67/68 are the testing platforms on closed beta.

cmr · ‎Mar 25 2020

@Roska what firmware version is needed, or is that not relevant?

If my answer solves your problem please click Accept as Solution so others can benefit from it.

Roska · ‎Mar 25 2020

EDIT: closed beta FW push. Unfortunately not aware of the FW version required.

NFL0NR · ‎Mar 25 2020

The version has to be pushed to your device, and the only way that happens is if you get into the closed beta.

lmorel · ‎Mar 25 2020

Once enabled by support in the closed beta, is it a all or nothing type of feature or an additional option and you can have mix and match versions of VPN client configs (meraki cloud, AD, Radius, etc)? (apologies in advance if I didn't use the proper terminology).

Justin1234 · ‎Mar 27 2020

>I need to know if this will let me create multiple VPN user groups and specify split tunnel easily or not.

It's sad that such an expensive device can't do basic functionality. I can throw something like Untangle on some random hardware for free and do that with a single click.

RufTech · ‎Mar 26 2020

Picture of Big Foot

Roska · ‎Mar 26 2020

@RufTech and it works? 🙂

Bsalami · ‎Mar 27 2020

AnyConnect is still in development. @RufTech I love the teaser. I will update this thread when AnyConnect on the MX is available for wider beta testing!

cmr · ‎Mar 27 2020

@Bsalamican you please confirm whether it is simply a proprietary client or allows more flexibility for the actual client VPN function? From the screenshot posted by @RufTech I am hoping the latter...

If my answer solves your problem please click Accept as Solution so others can benefit from it.

routerjockey · ‎Mar 27 2020

As the name implies... I would assume it is Cisco AnyConnect. Not connect "any" VPN client support.

estoril · ‎Apr 28 2020

Any update on the beta becoming more widely available? I assume it will be a similar manner to how Cisco FTDs support AnyConnect and you will have to just drop the policy .xml into the portal?

brad1028 · ‎Jun 10 2020

It's June, wondering if you have heard anything.

INQ-Support · ‎Jun 10 2020

No updates from my rep.

Duke_Nukem · ‎May 7 2020

I contacted my VAR to see if he's heard anything from his rep at Cisco. They told him that it will only be available to the MX250/450 and MX67/68. He also they said it would go Public Beta Q1 FY21 (August of this year).

This can't be limited to just those models. That's crazy. Say it ain't so.

cmr · ‎May 7 2020

I'm guessing the MX64, MX84 and MX100 might be about to be replaced then...?

If my answer solves your problem please click Accept as Solution so others can benefit from it.

Roska · ‎May 7 2020

@Duke_Nukem Those models are correct. You gotta do beta with some platforms.

Duke_Nukem · ‎May 8 2020

I'm not talking just beta. My fear is they will roll this out to only those models. Can a Cisco Meraki employee confirm?

INQ-Support · ‎May 14 2020

My Meraki rep confirmed that this does not apply to the MX-100. I'll be looking for an alternative appliance solution.

gplatret · ‎May 15 2020

Hello,
Did you find a solution?
Thank you

Duke_Nukem · ‎May 14 2020

Love the crickets....

Roska · ‎May 18 2020

AC support will be on all current MX HW models. Learned it on last weeks Ask me anything session

mattalley · ‎May 26 2020

In your statement of "all current models", does that include the MX84?

Thanks

Roska · ‎May 27 2020

I believe so yes, but @Bsalami is probably the correct person to confirm. ask me anything session a few weeks back got a suggested timeline for public beta so the train keeps moving on which is obviously a good thing.

AET-Tech · ‎Jun 11 2020

@Bsalami Is there any news on the MX client? Everyone working from home and we want to force the corp/vpn connection. I had to develop a powershell script to auto vpn users.

INQ-Support · ‎Jun 11 2020

No update from my Meraki rep. Utterly ridiculous that it has taken this long, assuming they are doing anything. At this point, I am looking at moving as much as possible to the cloud to not only eliminate the need for VPN but to be able to completely ditch the 20 Meraki devices once my 3 years is up in 2021.

I am not a big fan of open source, especially with security stuff. I did try this vpn client from draytek and was able to connect just fine. Connection seemed to be stable for the 4-6 hours I used it. Also not thrilled with the connection saying "Connected to Vigor" - that sounds a little scary to users. Maybe it is completely safe and there is a way to change the connection info? I just don't have the time to spend on it.

https://www.draytek.com/products/smart-vpn-client/

Bsalami · ‎Jun 11 2020

Hello,

Hope everyone is doing well. We will be starting a new round of BETA testing soon. I will update this thread with details. I know the anticipation is real, just know that we can't wait to get BETA started! More details to come.

This post was sent over my AnyConnect session on an MX100. So the MX100 and MX84 will support AnyConnect. We got you too!.

Owen · ‎Jun 11 2020

The MX84 and MX100 use Intel CPU's where the smaller MX firewalls use ARM cores. Does this mean Anyconnect isn't supported on the ARM CPU devices?

Biee · ‎Jun 15 2020

@Bsalami Is there anything being discussed about Anyconnect for vMX? We bought the license but we are avoiding using it as SSLVpn isn't supported.

DetroitJeremy · ‎Jun 16 2020

This post was sent over my AnyConnect session on an MX100. So the MX100 and MX84 will support AnyConnect. We got you too!.

This is good news. I'd be happy with an MX84 replacement but will be glad to use AnyConnect on my existing device. Should we contact our rep if we want to be included with this next beta phase?

MikaVuokko · ‎Jun 17 2020

Hi,

is there any plans to support AnyConnect also in vMX100 models? I think support is important since many customers have no services onPrem, but instead all services are located in "private cloud" inside public cloud like Azure.

Some Meraki customers which I know, needed to learn/deploy vASA to enable AnyConnect SSL VPN for employees with Azure AD authentication (2MFA enabled).

Roska · ‎Sep 29 2020

@MikaVuokko a bit of topic for this threat but Meraki just announced a rebranding on VMX100 which is going to be called medium. LIC-VMX-M and the duration for this after they update global price list. The reason for this being that they´ll introduce small and large versions for the VMX family later on this year.

AnythingHosted · ‎Jun 19 2020

We have an MX84 and would be happy to run any beta testing if we can be included in the next phase.

mattalley · ‎Jul 7 2020

Any updates yet?

INQ-Support · ‎Jul 8 2020

No word yet from my Meraki rep.

OVERKILL · ‎Jul 17 2020

We would definitely be interested in it, as I'm currently using an ISR to service AnyConnect clients and landing them on the MX84 would be a heck of a lot better.

JPAWELCHAK · ‎Oct 21 2020

Will MX64 & MX65 also support AnyConnect VPN? Meraki has a current Remote Worker promotion on the entire MX family. Not much of a remote worker/VPN solution when/if the MX64 doesn't support AnyConnect when the firmware finally (if Meraki ever get their act together) goes GA is it? If it was never intended to be available for certain MX models then Meraki should have mentioned so on spec sheets and/or roadmaps so partners would have known to not be selling MX64 or MX65 with the expectation it would support AnyConnect at some point.

CHARTER
Forward, Together

cmr · ‎Oct 21 2020

@JPAWELCHAK isn't that promotion focussing on hardware clients for remote workers, i.e. z3 and small MXs or am I misunderstanding?

If my answer solves your problem please click Accept as Solution so others can benefit from it.

JPAWELCHAK · ‎Oct 21 2020

@cmr No, the Remote Worker incentive/promotion applies to the entire MX family promoting it as a remote worker solution which would obviously include client VPN on the MX64 for a small office. Not much of a remote worker solution for end-customers wanting reliable client VPN option using AnyConnect on an MX64 device that hasn't even reached end-of-sale yet because Meraki isn't giving any clarity on what MX devices will support AnyConnect when/if the firmware ever goes GA. If the intent was never to support the MX64 which has yet to reach end-of-sale then they should have been upfront on that rather important detail.

It's frustrating that Meraki can't communicate effectively on this topic especially since they have put the word out there AnyConnect is coming. That said, if it was never intended for the MX64 they should have said so so we didn't sell the devices with the expectation AnyConnect support would be coming.

CHARTER
Forward, Together

cmr · ‎Oct 21 2020

@JPAWELCHAK I agree that some clarity of a product already in closed beta would be good. It seems that MX84 and above will support AnyConnect at some point (MX16?) but if the MX6x devices will not be included, that would be better to state now, not wait until it comes out as a footnote of a product release.

If my answer solves your problem please click Accept as Solution so others can benefit from it.

JPAWELCHAK · ‎Oct 21 2020

@cmr Exactly!

FYI: My understanding is MX67/68 are supporting AnyConnect on the Closed Beta (unless that has changed without my knowledge) but why not the MX64 without any indication either way when the firmware goes GA from Cisco Meraki.

Honestly, I'm starting to muse that Meraki Community staff are perfectly happy to let important questions go unanswered. Nobody from Meraki appears to rush to answer anything in any sort of useful detail on this and/or many other fronts. All it takes is someone to say "MX64 is not currently supported on the AnyConnect beta but will be supported when support goes GA" OR "MX64 is not currently supported on the AnyConnect beta and will not be supported when support goes GA". iIf the latter, however, they had better have a good reason why the community was not made aware of this considering the device has not had an end-of-support date let alone an end-of-sale date announced.

CHARTER
Forward, Together

fatcakes · ‎Feb 17 2021

Z3 is great, had one at home in a trial before we deploy to our directors. Really like it and its in the office waiting to be deployed now, I've moved to an MX68 at home, only because we closed an office and it was going spare..

INQ-Support · ‎Feb 17 2021

When all is said and done, I'll have 30-40 people working remotely. Not going to invest any more money into additional Meraki solutions at this point.

AET-Tech · ‎Jul 8 2020

@Bsalami Is there an estimated date of release?

INQ-Support · ‎Jul 8 2020

Have not heard anything from my Meraki rep.

dadinh · ‎Jul 9 2020

We had an "exklusive" look at it 2 weeks back, since one of our customers desperately wanted to see it.

Also got the info, if you're a Meraki customer already, you can ask you sales rep to be included into the beta. Not a 100% chance you getting into it though. Probably better chances if you have full stack and lots of Meraki stuff (and obv. a MX).

We keep hearing next FY for the open beta. (Which would be starting August)

INQ-Support · ‎Jul 9 2020

My recommendation to everyone is to find a different VPN solution. Meraki is just stringing everyone along and trying to get them to upgrade to more expensive equipment. The "beta" story hasn't changed in 8 months, and the "release date" keeps getting pushed back. Let's face it, Meraki (Cisco) already has the AnyConnect client in production and has for years. If it was important to them they would have put their top engineers on the issue, and modified the existing AnyConnect client to work with Meraki and specifically the MX models. Would have taken a month at the most. Hell, the native Apple/MAC client works and connects, MS Win10 client works (when it wants to) and the DrayTek VPN client I mentioned in an earlier post seems to work. Even if they decided to start from scratch, this issue should have been resolved 6 months ago.

Stealth_Network · ‎Jul 9 2020

I don't disagree with any of the statements made on this

Stealth_Network · ‎Jun 17 2020

I'll make the popcorn...

NickCMT · ‎Jul 31 2020

Just use the Draytek client for now, it seems to work fine.

AET-Tech · ‎Jul 31 2020

except i need to force my users to use vpn. they will not do it if we tell them to. only way i have had any luck is with a powershell script. even then its buggy. any ideas on how to force the vpn connection?

DetroitJeremy · ‎Jul 31 2020

I have also had better luck with the Powershell script to add the VPN for Windows 10 clients but still run into the occasional computer that drops settings. It'd be nice to use AnyConnect, even nicer if I can transfer my perpetual AnyConnect licenses from my ASAs to new MXs.

AnythingHosted · ‎Jul 31 2020

Let's hope that AnyConnect for Meraki does not require further licences!

cmr · ‎Jul 31 2020

🤣@AnythingHosted You made my Friday with that, I might work for a gambling company but I dont think that we'd give odds on there not being a charge. I could be pleasantly surprised though 🤞

If my answer solves your problem please click Accept as Solution so others can benefit from it.

Justin1234 · ‎Jul 31 2020

Haha, yeah I don't see them giving this away for free. It's obviously incredibly amazing software since it's taken years to develop.

lmorel · ‎Aug 4 2020

@Bsalami Curious since this is still a unicorn right about now: what kind of MFA support should we be expecting once the AnyConnect client is released?

Or anyone who might be evaluating the beta AnyConnect client on a MX, would you care to share how you can handle MFA for Client VPN access? After all, Duo Security was acquired by Cisco. Just like Meraki.......................................

It would be amazing if we could get some decent updates around here. I already complained to my Meraki rep about the serious lack of communication from Meraki to the masses. In comparison, it almost makes the White House look like masters in public relations in the last 6 months over anything that is COVID19 related......

JDunlap · ‎Aug 20 2020

@lmorel I would be willing to bet that they will allow us to point to a radius server for external auth. If that the case then you can use a Duo Authentication Proxy or Network Policy Server (NPS) extension for Azure MFA. I have been using Duo with the current Client VPN and it has been working just fine.

ezrakuhr · ‎Sep 15 2020

On a Meraki Partner update today, the Anyconnect VPN was brought up several times. We were told that when version 15 of MX's software is GA released that v16 will be made into a beta and v16 has the AnyConnect support.

AnythingHosted · ‎Sep 15 2020

I took this as a slight cop-out. Hasn't v15 been in beta for over 2 years?

I don't think there has been a stable release candidate for v15 either!?! I was under the impressions that the different stages were derived by the number of "stable" beta installs without reported issues?

Justin1234 · ‎Sep 15 2020

Seriously, V15 has been in beta a long time. So how many years until V16 comes out in GA? It's baffling that a Meraki rep mentioned this was on their "short list" 5 years ago, and yet we still have years to wait. It's not even new software, why is this so hard to make happen??? I have so many issues with site-to-site with 3rd party firewalls that I have to keep a separate firewall online to handle those in some cases. Can't they at least make client connections easy?

"ciscomerakiCisco Meraki 6 points 5 years ago

jdc,

I actually wrote the KB article you linked to. I wouldn't say that we don't put any development resources into client VPN. It would be more accurate to say that we don't devote resources to working on the EXISTING LwTP/IPsec Client VPN implementation because we want to remove it entirely in favor of SSL VPN/AnyConnect support. I don't have an ETA on this unfortunately, but it's on the short list of features to work on once we get through our current IWAN feature release later this calendar year."

DontBreakIt · ‎Nov 27 2020

Hi

Like many others I've been waiting patiently for the release of the Anyconnect client that works with Meraki. Hopefully it's not going to be much longer. However, my business has not been able to wait endlessly for a solution to I've had to look for an alternate solution.

I've come across a client that works brilliantly and seems to tick all the boxes in terms of ease of use, simple to deploy, supports multiple profiles (if case you wanted to provide alternate client vpn site connections over a multi-site SD-WAN network), can redirect all traffic through the tunnel or allow local breakout and can easily standardise it by distributing the profile file. So for my org it's all the options we've been looking for with the exception of GPO deployment and administration. In our case we also opted to use an internal radius server for better security and configured the Meraki to provide certificate base authentication allowing users to connect using their AD username and password. It is a free client supplied by Draytek (intended for use with their Vigor routers). It support various connection types but the L2TP over IPSEC works seamlessly with the Meraki, is fast and like I said ticks all the boxes. Our only concern is it's not a Cisco products and either Draytek or Meraki can release an update at any time and boom, no vpn. As soon as Anyconnect is released we plan to switch but right now we sort of have no choice, especially since we've had real difficulty getting the native Win10 client to work (at that solution puts a load onto my helpdesk).

So with this in mind I just wanted to reach out to the experts here and ask if there is any reason to be concerned (security wise) about using the Draytek client? I also thought, for those that are desperate for a solution that works until Anyconnect is ready, that this might prove useful. For those who are interested to try it then the client can be downloaded here: https://www.draytek.com/products/smart-vpn-client

JeroenVercoulen · ‎Jan 14 2021

Where did you set the certificate based authentication?

Do you have some screens to share?

dadinh · ‎Jan 18 2021

Just got the info that Anyconnect should launch in February.
The documentation is already online

https://documentation.meraki.com/AnyConnect_on_ASA_vs_MX

lpopejoy · ‎Jan 19 2021

Does anyone know how the licensing works for AnyConnect on MX?

mattalley · ‎Jan 19 2021

I was wondering the same thing.

Here's my research and possible guess:

It looks like AnyConnect will require the "SDWAN Plus" license for the MX. I wonder if they will be hardcoding a limit of client VPN sessions based on their sizing guides?

For example, I have an MX84 with the "Advanced Security" license, which as per their sizing guide can support up to 100 client VPN sessions. (Though I think it can handle more being that I am only using it as a client VPN concentrator).

So I will have to buy an upgrade license to get the SDWAN Plus (1 Year SKU: LIC-MX84-SDW-1Y), which costs about $2,257 USD at CDW.com. And maybe the device will be limited to 100 client VPN sessions? (I hope not!)

CptnCrnch · ‎Jan 19 2021

The document is not referring to SDWAN Plus. I'm pretty sure it will be the existing AnyConnect Plus licensing.

At least this would make perfect sense because those enable you to use each available VPN headend in your environment, MX will soon be one of them.

OVERKILL · ‎Jan 19 2021

That's helpful, as my understanding is that the Beta has had pretty typical licensing requirements with Advanced Security being sufficient, not sure about Enterprise.

mattalley · ‎Jan 19 2021

Ahh. I wasn't aware of an AnyConnect Plus license. I haven't had to buy AnyConnect licensing in a long time.

So if I had approx 200 users that would use the VPN, I would be looking at the "AC-PLS-P-250-S" license?

Which on CDW.com is around $3,637.49 USD.

I wonder how they will apply the licensing with the MX's. Do you think it will be applied in such a way to enforce session count limits, or honor based?

dadinh · ‎Jan 19 2021

@mattalley
I quickly calculated in CCW.
I'm in the EU though so prices and license names may vary.

The Anyconnect Plus licence for 200 unique users is~ 2400$ list price for a three year subscription
Which would be this L-AC-PLS-3Y-S2.
I'm not too familiar with Anyconnect licensing though so I might forgot something.

I'm guessing you'll just have to have active MX's and Anyconnect licenses. Hoping it will work with MX Enterprise also.

CptnCrnch · ‎Jan 19 2021

Please note that AnyConnect Licensing has nothing to do with the platform you‘re using as VPN headend! You‘re obliged to license the client itself, not the platform you‘re using to terminate that connection. Regarding that, Meraki doesn‘t have anything to do with the price you‘re paying for using the Cisco standard VPN client. 🙂

TI_Master · ‎Feb 11 2021

How do you view that link? I keep getting redirected to okta and it asks for a Meraki login (guessing its not for public view?)

Bruce · ‎Feb 11 2021

I believe its not for Public view (was probably put up by mistake). I'm sure it will become visible again when MX16 gets into public beta.

lmorel · ‎Feb 11 2021

Yeah, I regret not taking a screenshot. They locked it down shortly after. It's funny, I asked my Meraki sales rep and his engineer about it and forwarded the link. Then I implied that it was getting frustrating that here we go once again, getting some new info that might be conflicting with everything else we hear or read so far. The engineer came back the next day with a "hey, I can't even access this link!". And I thought he was messing with me only to realize they locked it down and even he couldn't access the info.............. dude, for real. ???

KingKuei · ‎Feb 16 2021

If you want to shoot me a message with your email, I happened to grab a PDF export of the page out of Google cache last month. It has a features breakdown in terms of what is or isn't supported by Meraki MX. They mention firmware MX 16.2+ in the document.

INQ-Support · ‎Feb 17 2021

I'm good. Since we are moving to a more formal remote work policy (with or without COVID), I decided the best course is to invest my time and energy in moving things to the cloud and eventually eliminating the Meraki VPN. I can deal with the Win10 VPN disconnects until I get everything to the cloud.

Stealth_Network · ‎Jan 19 2021

I understand Cisco's R&D investment into Anyconnect, but to continue to charge very high costs for the remote client versus both the native clients and/or their competitors with Meraki will not go over well with their customers IMHO.

Justin1234 · ‎Jan 19 2021

"

I understand Cisco's R&D investment into Anyconnect"

Haha, R&D investment for sure. This has been in development for 5+ years for some unknown reason.

OVERKILL · ‎Jan 19 2021

I tend to agree. Meraki licensing fees, particularly for the more feature-rich packages, are already pretty significant. The SMB market is only going to be so tolerant IMHO. I already find Adv. Sec a hard sell compared to Enterprise with some orgs, so I can't imagine the conversation playing out well in telling them that the SSL VPN client will cost even more on top of that.

I'm hoping that either there's a significant discount or that it gets rolled-into the more expensive license packages. That would be saleable IMHO, if you only get Enterprise, you'd have to pay for AnyConnect licensing separately, but it would be rolled into Adv. Sec and up.

Stealth_Network · ‎Jan 19 2021

Agreed, Since it seems the client will not include a lot of ancillary features the Anyconnect client includes for the FTD/ASA version, licensing should be included in the Adv. SEC license.

mattalley · ‎Jan 19 2021

That would be nice if they rolled it in to Adv Sec license since that is what I have 🙂

I vote for that.

shauno · ‎Mar 7 2021

Still no updates on AnyConnect for the MX?

I'm guessing if it's in Firmware 16.x (like mentioned above), then the older appliances won't support it (as they don't run 15.x)?

cmr · ‎Mar 8 2021

@shauno I think you are correct, in that devices that cannot run 15.x will not be able to run 16.x where AnyConnect support comes in.

I'd also eager that until more people upgrade their MXs to 15.x we'll still be waiting...

If my answer solves your problem please click Accept as Solution so others can benefit from it.

Bsalami · ‎Mar 9 2021

Hello All,

It's been a long wait, but finally we are happy to announce that AnyConnect is now available on the Meraki MX as a public beta feature on the MX16.X firmware.

To learn more about AnyConnect on the MX please visit AnyConnect on the MX

Thank you all for your patience!

Stealth_Network · ‎Mar 9 2021

Great news! (Finally)

will it work with DUO?

CptnCrnch · ‎Mar 9 2021

Yes!

MEmami · ‎Apr 27 2021

Hello,

as the new firmware is in Beta and doesn't support some features like multicast over LAN, Could you please tell me, how long does it take to get a productive version of MX16.x Firmware? We need to run anyconnect on our devices but as long as the firmware Beta version is, we can not use it in the production world.

Best Regards!

Meraki

Community

AnyConnect VPN support for MX devices

AnyConnect VPN support for MX devices