LICENSING AND INFRASTRUCTURE REQUIREMENTS:
Trial AnyConnect Apex (ASA) licenses are available for administrators at www.cisco.com/go/license
AnyConnect for iOS requires Cisco Adaptive Security Appliance (ASA) Boot image 8.0(4) or later.
Per App VPN requires ASA 9.3(2) or later (5500-X/ASAv only) with Plus or Apex licensing and a minimum Apple iOS version of 8.3. In the current 4.0 release the Per App functions are supported as beta. Please send questions/report issues to [email protected]
For Non Per App functions, use of AnyConnect on iOS is permitted with legacy (Essentials/Premium + Mobile) licensing until April 30, 2016.
For additional licensing questions, please contact ac-mobile-license-request (AT) cisco.com and include a copy of "show version" from your Cisco ASA.
As of November 2014, new license options (Plus/Apex) are available for purchase. These licenses include Mobile support. http://www.cisco.com/c/dam/en/us/products/security/anyconnect-og.pdf
Cisco AnyConnect provides reliable and easy-to-deploy encrypted network connectivity from any Apple iOS 6 or later device by delivering persistent corporate access for users on the go. Whether providing access to business email, a virtual desktop session, or most other iOS applications, AnyConnect enables business-critical application connectivity. Through the use of Datagram Transport Layer Security (DTLS), TCP-based applications and latency-sensitive traffic (such as voice over IP [VoIP]) are provided an optimized communication path to corporate resources.
Additionally, AnyConnect support IPsec IKEv2 with Next Generation Encryption.
- Automatically adapts its tunneling to the most efficient method possible based on network constraints, using TLS and DTLS.
- DTLS provides an optimized connection for TCP-based application access and latency-sensitive traffic, such as VoIP traffic
- Network roaming capability allows connectivity to resume seamlessly after IP address change, loss of connectivity, or device standby
- Wide Range of Authentication Options: RADIUS, RSA SecurID, Active Directory/Kerberos, Digital Certificates, LDAP, multifactor authentication
- Supports certificate deployment using Apple iOS and AnyConnect integrated SCEP
- Compatible with Apple iOS Connect On Demand VPN capability for automatic VPN connections when required by an application
- Policies can be preconfigured or configured locally, and can be automatically updated from the VPN headend
- Access to internal IPv4 and IPv6 network resources
- Administrator-controlled split / full tunneling network access policy
- Per App VPN (New in AnyConnect 4.0)
If you are an end-user and have any issues or concerns, please contact your organization’s support department. If you are a System Administrator having difficulties configuring or utilizing the Application, please contact your designated support point of contact.
If you would like to give feedback, suggestions, or leave comments directly to the team, you can reach us on Twitter by using the #anyconnect hashtag.
End user license:
What's New in Version 4.0.03004
Please report issues to us at [email protected] We are unable to respond to your App Store feedback.
IMPORTANT: After upgrading AnyConnect you must manually Connect with AnyConnect prior to using Apple's Connect on Demand functions.
4.0.x is the first release which is compatible with Apple iOS Per App VPN. This capability must be used in conjunction with a MDM/EMM vendor and requires ASA 9.3(2) or later on an ASA 5500-X or ASAv licensed with AnyConnect Plus or Apex licenses. The iOS device must be running iOS 8.3 or later. The Cisco Enterprise Application Selector must be used to create a policy, whether used to enforce additional restrictions or a wildcard policy (controlled solely by EMM/MDM).
4.0.03004 fixes a regression that prevented pasting in credentials from mobile tokens and implements a URI handler fix after upgrade.
While this is an officially supported release, the Per App function is supported as a beta in this build. Please report any Per App VPN feedback to [email protected] and not by opening up a Cisco TAC case