BEC Cisco AnyConnect Unmanaged VPN Installation … · Cisco AnyConnect Unmanged VPN Date: 2017-09-11 Installation and User Guide version 1.0 Ref. JN Data A/S – RemoteAccess Team

Cisco AnyConnect Unmanged VPN Date: 2017-09-11 Installation and User Guide version 1.0

Ref. JN Data A/S – RemoteAccess Team Page 1 of 19

BEC

Cisco AnyConnect Unmanaged VPN

Installation Guide

and

User Guide

Version 1.0

2017-09-11



Contents Installation ......................................................................................................................................................... 3

Installation: AnyConnect Secure Mobility Client ........................................................................................... 3

Download................................................................................................................................................... 3

Un-zip ......................................................................................................................................................... 3

Installation ................................................................................................................................................. 4

Restart the computer .................................................................................................................................... 6

Making the VPN connection to BEC .................................................................................................................. 7

Open AnyConnect: ......................................................................................................................................... 7

Type user name + Password + Token Password: ........................................................................................... 8

Compliant ...................................................................................................................................................... 9

If the AnyConnect Posture Check fails .......................................................................................................... 9

Use Cases ......................................................................................................................................................... 11

When the machine is ”compliant” .............................................................................................................. 11

Connect to BEC Citrix ................................................................................................................................... 11

Hints ......................................................................................................................................................... 11

Connect to Xportalen Uddannelse .............................................................................................................. 13

Hints ......................................................................................................................................................... 13

Connect to Inet (Xportalen via Inet) ............................................................................................................ 14

Hints ......................................................................................................................................................... 14

Connect to Kronos ....................................................................................................................................... 16

Hints ......................................................................................................................................................... 16

WebHotelAdministration ............................................................................................................................ 18

Connect to FTP and MS SQL servers ............................................................................................................ 18

Hints ......................................................................................................................................................... 18

Connect to HttpCommander ....................................................................................................................... 19

Hints ......................................................................................................................................................... 19



Installation

Installation: AnyConnect Secure Mobility Client

Download Go to: http://download.bec.dk/vpn/anyconnect/ Click ”anyconnect-win-4.4.03034-predeploy-k9.zip”:

Click ”Open”:

Wait for the installation zip file to be downloaded - opens:

Un-zip Drag ”anyconnect-win-4.4.03034-predeploy-k9 folder” out on the Desktop (or to another folder of your own choosing):

http://download.bec.dk/vpn/anyconnect/



Here is the installation folder un-zipped on the desktop:

Installation Open the ”anyconnect-win-4.4.03034-predeploy-k9 folder” and double click ”setup” (The one with the AnyConnect icon):

(YOU NEED TO HAVE ADMINISTRATOR PERMISSIONS FOR THIS) Click ”Yes” to the User Account Control:



Click ”Run:

Choose the 3 modules illustrated below:

… and click ”Install Selected” Click ”ok”:



Click ”Accept”:

The modules are beeing installed:

When installation is done – click ”ok”:

NB!

Restart the computer NB!

And then you have the ”AnyConnect Secure Mobility Client” installed – You can see the AnyConnect icon in the notification area:



Making the VPN connection to BEC (After the installation above) Here below is a description of how AnyConnect UnmanageVPN works after it’s installed:

Open AnyConnect:

- Click on the icon in the notification area: This dialog box appears:

Here you type: ”acvpn.prod.bec.dk/bxxxxxu”

Examples:

- If you are a connect/service customer (BEC username ends with: ”@res.bec.dk”): Username example: ”[email protected]” or “[email protected]” Please type ”acvpn.prod.bec.dk/res”

- If you got Bank number 19 (BEC username starts with B19xxxx) please type: ”acvpn.prod.bec.dk/b00019u”

- If you got Bank number 369 (BEC username starts with E69xxxx) please type: ”acvpn.prod.bec.dk/b00369u”

- If you got Bank number 888 (BEC username starts with J88xxxx) please type: ”acvpn.prod.bec.dk/b00888u”

Click ”Connect”:

(Here above: Shown for Bank number 11)



Type user name + Password + Token Password:

”Secondary Password” = “Token Password”, retrived from:

eToken: MobilePass App

A process is running “under the hood”

Order Information State

1

The initial connection is established.

The system updates AnyConnect modules on the computer if needed.

2

AnyConnect checks the computers health:

Is Antivirus, Antispyware and the Operative System up to date? If not: See the chapter “If the AnyConnect Posture Check fails” (next page)

3

Your computer is “Compliant”, and you got your VPN tunnel to the systems corresponding to the AD Groups you are member of (in BEC).



Compliant If the computer passes all the Checks, AnyConnect will show: ”Network Access Allowed”: Your computer is “Compliant”, and you got your VPN tunnel to the systems corresponding to the AD Groups you are member of (in BEC).

If you click on the AnyConnect Icon:

you can get a bit more information:

If the AnyConnect Posture Check fails The AnyConnect Posture Check, checks for the following:

Endpoint Check \ Category More info

User rights AD group membership

Operating System/Service Packs Exclusion of unsupported Operating System/Service Packs

Antivirus Installation Installation of one of the OPSWAT approved Antivirus programs

Antivirus Version/ Antivirus Definition Date Maximum 2 days old virusdefinitions

Antispyware Installation Installation of one of the OPSWAT approved Antispyware programs

Antispyware Version/ Antispyware Definition Date Same date/age as Antivirus

Windows Update Running Installed and running

Windows Update Configuration Up to date



If the AnyConnect Posture Check fails you will get information like this below (Here: Windows is not up to date):

You only get about 4 minutes to make the update, so It’s often easier to:

- Abort/cancle the connection attempt - Make the missing update:

o Antivirus o Antispyware (often in the same program as Antivirus) o Windows OS

- And start a new connection…



Use Cases Connect to AnyConnect VPN following the Guide in the earlier chapters above.

When the machine is ”compliant” If the computer passes all the Checks, AnyConnect will show: ”Network Access Allowed”: Your computer is “Compliant”, and you got your VPN tunnel to the systems corresponding to the AD Groups you are member of (in BEC):

If you got the right AD Group memberships, you now have a VPN connection, and can connect to the BEC systems according to your BEC subscription.

Connect to BEC Citrix Follow the guide from BEC, describing how to use BEC Citrix. If you don’t have the guide, please contact “BEC Direkte”, to get it.

Hints 1. Type https://citrix.prod.bec.dk in your browser.

2. Click ”Skip til Logon”, if you already got the Citrix Receiver installed:

(If you don’t have Citrix Receiver installed, you can get it here: https://www.citrix.com/products/receiver/)

https://citrix.prod.bec.dk/

https://www.citrix.com/products/receiver/



Login with your BEC user name, and password, and remember to choose the correct domain: Here is an example for B00011 / Bank 11:

… and you are connectet to the BEC Citrix environment:



Connect to Xportalen Uddannelse Follow the guide from BEC, describing how to use Xportalen Uddannelse. If you don’t have the guide, please contact “BEC Direkte”, to get it.

Hints Type https://uddannelse.xportalen.dk in your browser. Login with Xportalen User Name and Password

https://uddannelse.xportalen.dk/



Connect to Inet (Xportalen via Inet) Follow the guide from BEC, describing how to use Inet. If you don’t have the guide, please contact “BEC Direkte”, to get it.

Hints Type http://BankXXX.prod.bec.dk in your browser: (If your bank/customer number is 37: Type http://bank37.prod.bec.dk )

Type Inet User Name and Password:

In Inet, you have different modules corresponding to your Inet Profile. The screenshot below is from a profile, that only have the module: “Xportalen”:

http://bankxxx.prod.bec.dk/

http://bank37.prod.bec.dk/



Click on the Menu: Xportalen If you have popup blocker here, it will prevent Xportalen to start. Set the popup to “always”

When the popup is allowed, you will get “Xportalen”:



Connect to Kronos Follow the guide from BEC, describing how to use Kronos. If you don’t have the guide, please contact “BEC Direkte”, to get it.

Hints Type http://kronos.prod.dnkronos.dk in your browser: (and click on “Klik her”)

NB: You need to run Kronos in an old Java version (Please consult “BEC Direkte”, if you need to know wich Java versions you can use with Kronos) In this example Java SE 7.45 is used. Click “Allow”:

Accept, and click “Run”, to run Kronos:

http://kronos.prod.dnkronos.dk/



Then you got Kronos running:



WebHotelAdministration

Connect to FTP and MS SQL servers Follow the guide from BEC, describing how to do WebHotelAdministration via FTP and MS SQL. If you don’t have the guide, please contact “BEC Direkte”, to get it.

Hints Use FTP program e.g. like FileZilla. FTP Servers:

- Name: b00011102326.res.bec.dk / Address: 10.11.78.210 - Name: b00011102327.res.bec.dk / Address: 10.11.78.211

Program: MS SQL Management Studio MS SQL Servers:

- pd0221.res.bec.dk (port 1521) - td0316.res.bec.dk (port 1521) - pd0641.res.bec.dk (port 1521) - td0514.res.bec.dk (port 1521)

NB. You maybe have to run in a BEC user context. In this case you can use the “Runas command”: ”runas /netonly /user:domain\brugernavn [applikation]”

If you want to conenct to SQL Server TDSQL0316 (port 1521), the syntaks would be: ”runas /netonly /user:res\username ssms.exe”

Then type Server Name and Port like this: (Server Name: td0316.res.bec.dk\tdsql0316,1521)



Connect to HttpCommander Follow the guide from BEC, describing how to use HttpCommander. If you don’t have the guide, please contact “BEC Direkte”, to get it.

Hints Connect to: https://tms2iisbackend.prod.bec.dk/HttpCom162/ … and type BEC User Name and Password in the “popup”: NB: This “popup” can sometimes appear hidden behind the browser window. Then you need to click on the application down below in the taskbar.

Click: “ok”… And you wil get HttpCommander, with the paths/folders assigned to you:

https://tms2iisbackend.prod.bec.dk/HttpCom162/

Documents

BEC Cisco AnyConnect Unmanaged VPN Installation … · Cisco AnyConnect Unmanged VPN Date: 2017-09-11 Installation and User Guide version 1.0 Ref. JN Data A/S – RemoteAccess Team