69-3
Cisco ASA 5500 Series Configuration Guide using ASDM
Chapter 69 General VPN Setup
Client Software
• Image URL—Contains the URL or IP address from which to download the software image. This
URL must point to a file appropriate for this client. For Windows, MAC OS X, and Linux-based
clients, the URL must be in the form: http:// or https://. For hardware clients, the URL must be in
the form tftp://.
–
For Windows, MAC OS X, and Linux-based VPN clients: To activate the Launch button on the
VPN Client Notification, the URL must include the protocol HTTP or HTTPS and the server
address of the site that contains the update. The format of the URL is:
http(s)://server_address:port/directory/filename. The server address can be either an IP address
or a hostname if you have configured a DNS server. For example:
http://10.10.99.70/vpnclient-win-4.6.Rel-k9.exe
The directory is optional. You need the port number only if you use ports other than 80 for HTTP
or 443 for HTTPS.
–
For the hardware client: The format of the URL is tftp://server_address/directory/filename. The
server address can be either an IP address or a hostname if you have configured a DNS server.
For example:
tftp://10.1.1.1/vpn3002-4.1.Rel-k9.bin
• Edit—Opens the Edit Client Update Entry dialog box, which lets you configure or change client
update parameters. See Edit Client Update Entry.
• Live Client Update—Sends an upgrade notification message to all currently connected VPN clients
or selected tunnel group(s).
–
Tunnel Group—Selects all or specific tunnel group(s) for updating.
–
Update Now—Immediately sends an upgrade notification containing a URL specifying where
to retrieve the updated software to the currently connected VPN clients in the selected tunnel
group or all connected tunnel groups. The message includes the location from which to
download the new version of software. The administrator for that VPN client can then retrieve
the new software version and update the VPN client software.
For VPN 3002 hardware clients, the upgrade proceeds automatically, with no notification.
You must check Enable Client Update for the upgrade to work. Clients that are not connected
receive the upgrade notification or automatically upgrade the next time they log on.
Modes
The following table shows the modes in which this feature is available:
Edit Client Update Entry
The Edit Client Update dialog box lets you change information about IPsec VPN client revisions and
URLs for the indicated client types. The clients must be running one of the revisions specified for the
indicated client type. If not, the clients are notified that an upgrade is required.
Firewall Mode Security Context
Routed Transparent Single
Multiple
Context System
• — • ——