In our company we have employees that travel and currently in our users XML profile(Cisco Secure Client) we have everyone configured with the "Always on VPN" set. This affect all our users trying to connect to Hotel WIFI's and Airline WIFI access. They are unable to because they cant establish the Internet access to start the VPN process.
I am trying to check with the Meraki community here on what is the most secure setting for our users with the "Always on VPN" feature configured in our environment.
What is the most secure Captive Portal XML configuration to use. We rely heavily on the highest secure settings and cannot compromise our data and would like to get some ideas or screen shots from what other companies are allowing access to Hotel WIFI and plane hotspots with the "Always On VPN" feature enabled.
You had already opened another discussion about this and did not answer any of the questions.
You are not likely to find a 100% solution to this.
Check out this captive portal troubleshooting guide by Cisco:
Going sideways - but what instead of using AlwaysOn - you go the zero trust route?
Philip.....I do like the Full-On SASE with Cisco secure Connect. Have you deployed this? and since I have 5 network locations across the USA as a Hub-Spoke connection and I was curious if I could test the Full-On SASE with Cisco Secure Connect in one location as a test bed or is a turn on for all location type of setup?
How hard is the Full-on SASE with Cisco Secure Connect configuration is to deploy?
What kind of licenses would I need additionally if I do?
We currently have Cisco Secure Client on all our workstations, Does this configuration require another end point software to be deployed?
Philip...
Answered this question myself...
We currently have Cisco Secure Client on all our workstations, Does this configuration require another end point software to be deployed?
Looks like we can still utilize the Cisco Secure Client (That we are using now) or we could use a browser on the users workstation.
If you have experience with deploying this configuration what suggestion you would recommend or is one setup/configuration more extensive than the other.
Looks like our company will deploy this full-On SASE with Cisco Secure Connect and would like to document on what the steps are so I can actually upload it to the Meraki Community for other users to be able to read and do not have to bombard people like you that answer all our sometimes "Dumb" questions...LOL
I have not deployed the full Meraki+Umbrella SASE solution. I have requested pricing for 5 licences so I can buy it and have a play ...
I does use Cisco Secure Client and the Umbrella module contained in it. You could use Cisco Secur Client like you do now - but a lot of things would no longer need it.
Also I probably would create a new topic here in the Meraki Community referring to the Configuration of Full-On SASE with Cisco Secure Connect.