About Cisco Firepower Firewalls
Cisco Firepower Next Generation Firewalls offer security-conscious business users high performance protection for their network.
These powerful VPN firewalls come with a diverse spec designed to suit a range of use cases, from small businesses and branch offices, all the way up to enterprise and data center level.
Jump to:
- Cisco Firepower 1010 tech specs
- Configuring VPN on your Cisco firewall
- Configuring IPsec
- Configuring SSL
- Share Sophos VPN connection with team members
On this page, we take you through the key VPN specification for the Cisco Firepower 1010, as well as all you need to know about setting up an IPsec or AnyConnect SSL VPN tunnel on your Cisco Firepower firewall and connect on Mac, iPhone or iPad.
Configure VPN on your Cisco Firepower firewall
Every organization has specific requirements for their VPN which makes it tricky to provide a 'one-size-fits-all' method for the VPN gateway configuration. For this reason, this guide assumes that you or your admin has already successfully configured a VPN tunnel on your Cisco Firepower device.
This being said, if you require assistance configuring VPN on your Cisco Firepower firewall in order to get connected in VPN Tracker, reach out to our support team – we're happy to help!
Connect to Cisco Firepower via IPsec VPN on Mac, iPhone, iPad
To connect to your Cisco Firepower IPsec VPN on your Mac, iPhone or iPad, you will need to enter the following configuration information for your device:
Configuration checklist
- Gateway address
- Pre-shared Key
- VPN username
- VPN user password
- Remote Identifier (remember, the remote identifier on your device = the local identifier for the VPN client.)
Tip: If you're not sure about any of these values, reach out to your IT admin for further assistance.
Connect to your Cisco Firepower IPsec VPN tunnel
In order to connect to the new IPsec VPN tunnel and get secure remote access to your Cisco Firepower firewall, you will need a VPN client.
VPN Tracker supports Cisco EasyVPN auto-configuration, making it super straightforward to connect to Cisco IPsec VPN on Mac, iPhone and iPad! Enter the IP address for your Cisco gateway to automatically import your connection settings into VPN Tracker.
Follow these steps to configure a connection:
- Launch VPN Tracker, create a new Cisco connection and choose EasyVPN (IPsec)
- Under VPN Gateway > Address, enter the Host Name or IP Address (1) of your Cisco firewall. If in doubt, you will find this on the network overview in the web interface of your device
- Authentication: Choose Pre-shared key and enter the password (2) you configured on your firewall
- User login details (XAUTH): Here you can enter your unique Username (3) and Password (4) from the Cisco firewall
- For Key ID, enter the Remote Identifier (5) you configured on the Cisco firewall (this is the local identifier in VPN Tracker, e.g. “IKEv1TunnelGroup”)
- Click Done to securely save your connection to your account via end-to-end encryption
You can now connect to your Cisco Firepower firewall via IPsec VPN on Mac, iPhone or iPad.
A note on older devices
For newer Cisco Firepower firewalls (running ASA 9.13 or later), VPN Tracker automatically selects Diffie-Hellman Group 14 for the IPsec tunnel encryption, as this is the highest possible group which is supported by Cisco Firepower.
If you are using an older device (pre ASA 9.13) which does not support up to DH-Group 14, you will need to enter the group number manually (e.g. Group 2.) Please ensure the group number you enter in VPN Tracker exactly matches the group number configured on your Cisco gateway.
To update the DH group, open the configuration for your connection, switch to the Advanced tab and under Phase 1, go to Diffie-Hellman and choose your group number from the dropdown menu:
For older Cisco Firepower devices, please manually select your DH-Group value in the configuration settings
Connect to Cisco Firepower via SSL VPN on Mac, iPhone, iPad
To connect to your Cisco Firepower SSL VPN on your Mac, iPhone or iPad, you will need to enter the following configuration information for your device:
Configuration checklist
- Gateway address
- Authentication certificates (Local Certificate and Certificate Authority). Not sure? Reach out to your IT admin or refer to your VPN portal
- VPN username
- VPN user password
Connect to your Cisco AnyConnect SSL VPN tunnel
In order to connect to the AnyConnect SSL VPN tunnel and get secure remote access to your Cisco Firepower firewall, you will need a VPN client.
VPN Tracker supports AnyConnect SSL VPN connections on Mac, iPhone and iPad!
Follow these steps to configure a connection:
- Launch VPN Tracker, create a new Cisco connection and choose AnyConnect SSL VPN
- Enter the gateway address or hostname of your Cisco Firepower firewall (1)
- Under Authentication, upload your Local Certificate and Certificate Authority (2)
- Next, enter your Username (3) and Password (4) to log in to the VPN when you connect
- Finally, give your connection a name and securely store it in your account via end-to-end encryption
You can now connect to your Sophos XGS firewall via SSL VPN on Mac, iPhone or iPad.
Share a Cisco VPN connection with your team
Configuring VPN for multiple users? VPN Tracker makes it easier than ever to roll out pre-configured VPN connections to team members using secure, end-to-end encrypted, cloud-based technology.
Select Share with Team to instantly share the new connection with team members using TeamCloud and grant them secure VPN access on Mac, iPhone and iPad. For example, for SSL VPN connections, VPN users won't need to log in to the AnyConnect client and enter the gateway information and their login details every time, as these will be securely stored in their VPN Tracker account using end-to-end encryption. Learn more.
Tip: You can even choose to hide the connection settings upon export for complete zero-trust privacy.
Use TeamCloud technology to securely roll out Cisco VPN connections to team members
Once a team member has received their connection, all they need to do is use their unique Username and Password from the Cisco gateway to access the VPN in VPN Tracker. For Cisco AnyConnect SSL connections, Single Sign-on (SSO) is also supported to make the connection rollout even smoother.
Set up your Cisco VPN connection today
Start your free, 7 day VPN Tracker trial today and connect to Cisco VPN on Mac, iPhone & iPad..
