cancel
Showing results for 
Search instead for 
Did you mean: 

Can I use Cisco AnyConnect with Meraki Client VPN?

New here

Can I use Cisco AnyConnect with Meraki Client VPN?

Looking for an easier way to manage/create VPN profile with Meraki and AnyConnect would be a good fit.

12 REPLIES
Building a reputation

Re: Can I use Cisco AnyConnect with Meraki Client VPN?

AnyConnect, as far as I know, can only be manually configured using the System Mananger.  You will have the ability to set configuration and deployment of VPN server credentials for any L2TP, PPTP, Cisco IPSec or AnyConnect server in that module.  You could also terminate the AnyConnect clients to an ISR router and then cycle that traffic through the Meraki as an alternative.  Depending on what your purpose is, Meraki also offers an appliance called the Teleworker VPN which allows you to extend the corporate LAN to remote sites, without requiring all clients and devices to have client VPN software.

Here to help

Re: Can I use Cisco AnyConnect with Meraki Client VPN?

Unfortunately you can't use Cisco AnyConnect with the Meraki MX appliances. I know this is a common request, and hopefully its one that will come about soon, hit that 'Make a Wish' button a bit more. Although Cisco AnyConnect client can create an IPSec tunnel, it only uses IKE v2 for the initial negotiations, whereas the MX appliances only do IKE v1 at the moment - that I believe is the problem.

Getting noticed

Re: Can I use Cisco AnyConnect with Meraki Client VPN?

 That's the one piece holding us back from seriously looking at the MX line. Having a good SSL VPN.

Conversationalist

Re: Can I use Cisco AnyConnect with Meraki Client VPN?

I've seen some information about 6 months ago that stated cisco anyconnect is definitely coming to the mx series but the release date was not specified. I'll try find this again so you can follow up on it.
Here to help

Re: Can I use Cisco AnyConnect with Meraki Client VPN?

It's definitely still coming Smiley Happy Keep in contact with your local Meraki team if you want to know more.

Getting noticed

Re: Can I use Cisco AnyConnect with Meraki Client VPN?

+1  Better control over client VPN would be great.  Support for Cisco AnyConnect & SSL VPN would be amazing as well!

AJ
Conversationalist

Re: Can I use Cisco AnyConnect with Meraki Client VPN?

Would someone be so kind as to mention what features AnyConnect has over native Windows 10 VPN client? I had used AnyConnect years ago and don't recall what was so great about it. It was good, but didn't seem that wonderful. The Windows 10 native client seems just as easy to setup and even easier to use.

 

Specific point of interest to me:

Does AnyConnect allow me to give a static IP address to the client and still connect to a Meraki? Win10 client allows this (technically), but it fails to connect unless set to DHCP, even though the static IP is within the Meraki's assigned VPN client address range.

 

I redact the previous paragraph. Turns out that Windows Firewall was causing problems. Got my client connected with a static IP address after turning it off.

Comes here often

Re: Can I use Cisco AnyConnect with Meraki Client VPN?

This would be great, but since it hasn't been worked on in 3 or so years, don't count on it.

Highlighted
Here to help

Re: Can I use Cisco AnyConnect with Meraki Client VPN?


@Bruce wrote:

It's definitely still coming Smiley Happy Keep in contact with your local Meraki team if you want to know more.


Any update on this at all?

 

The Windows 10 client works ... but sometimes Windows update switches the connection from PAP to MSCHAP and clients can't connect. Like Microsoft decides it wants to remove what it considers an unsecure setting and change it to their 'secure' MSCHAP. Getting frustrating having to do this for multiple VPN clients on company laptops.

 

An actual Meraki client or AnyConnect client that overrides Windows settings would be more beneficial!

 

Spiceworks community posting advises this has been on going and annoying for a lot of users of Merak...

 

Anyone even thought to do a 'dual purpose client', where during the install, you select "Cisco Meraki connection", or "Cisco connection" and it tailors the client settings to the applicable to the hardware you are connecting to? This way Windows hopefully won't override it. I really like Meraki, and my only pain point over past 2yrs is the fact WinDOZE decides to just update your settings and override them and stops users connecting ...



T Roberts
A+, Network+, MCP, Dell and CMNO
Comes here often

Re: Can I use Cisco AnyConnect with Meraki Client VPN?

It's been going on since we have used it (2 years). Our local Meraki person has changed 3 or 4 times in that time frame, I've not heard from the current one.
Conversationalist

Re: Can I use Cisco AnyConnect with Meraki Client VPN?

 

1. Make a one-line PowerShell script to add the VPN connection

2. Convert the PS script to the exe file and distribute the zipped exe file 

user download the file, unzip and run it then the VPN connection is created

Here is the code (Visual Studio Code is the best IDE for PowerShell)

Add-vpnconnection -Name MyVPN -ServerAddress 1xx.2xx.1xx.1xx -TunnelType l2tp -AuthenticationMethod pap -RememberCredential -l2tpPsk *secret*
 
If you like you can add -SplitTunneling into the above script, and add few routes letting only specific traffic going to the VPN connection, other traffic still goes to the local Internet connection, e.g.:
Add-VpnConnectionRoute -ConnectionName "MyVPN" -DestinationPrefix 128.136.0.0/16
 
How to convert PowerShell script to an exe file? I'm using PS2EXE, it works great
 
 
Robin Jiao
Jul, 2018
Getting noticed

Re: Can I use Cisco AnyConnect with Meraki Client VPN?

Thanks for the PS Script.  That works great.