I have an AD homelab, and I need to connect tablets and phones remotely to my on-prem infra. I am currently using manually-deployed WireGuard, one on the router and one peer for each device, with manually generated key pairs. This is not very scalable, and I am looking for something better (like, better management tools, more automatic, probably PKI-based auth, and most importantly incorporated with the built-in Windows always-on VPN facilities). In addition, I would like to try something new :), so I found Cisco AnyConnect a little bit interesting. However, I am totally new to AnyConnect and Cisco products, so I have several beginner questions:
How does AnyConnect compare to traditional VPNs (e.g. always on PPTP, L2TP, OpenVPN, WireGuard, etc.)? What are the features?
How is the license (I am considering the proprietary Cisco one rather than OpenConnect)? Do I need to buy hardware?
Does it need to access anything in the cloud, or is it completely self-hosted?
In general, how do I get started? (i.e. what is the recommended hardware / software to get started?)
Just from personal experience - I wouldn’t touch AnyConnect again with a 10ft. barge-pole.
Never deployed it from a NetOps/Internal IT standpoint, but used it as a client in some of the corporate environments I’ve been in and it was a headache every time.
Sure, it’d be good practice for Cisco-heavy environments, but I really don’t see any benefit on a homelab over OpenVPN.
OVPN is compatible with more devices (especially Linux), supports RADIUS (i.e. Active Directory) and TOTP MFA, at which point the biggest difference I’ve personally seen is AnyConnect having deeper integration to Azure AD and the dedicated Microsoft authenticator app.
Don’t mean to be a buzz kill here, and if you’re still interested in AnyConnect then go for it! I just tend to lean toward the tried-and-true open source alternative when possible.
My company has installed CISCO ANYCONNECT on my work laptop and I’m considering downloading it to my iPad as well to have access to company network… My question is, can my location be monitored while using the VPN by my company?