By Ross Madden
Published on April 23, 2010 9:35 am MT Updated on July 2, 2012 9:53 am MT Posted in Security News
UPDATE: The information regarding the Cisco VPN in this article is deprecated as the Cisco IPSec VPN client has reached its end of life . Please use the Secure Gateway instead: http://www.acns.colostate.edu/Connect.
I just received this message regarding old VPN clients still in use by some users. Here is the message –
[ACNS has] been working with a number of you through this semester to help get old, vulnerable Windows Cisco VPN clients off the network. We’ve made headway, but there are a number of users that have not upgraded. The vulnerabilities in these old clients can lead to a complete compromise of the PC and therefore pose a risk both to the user and to the University’s network.
I will wait until after final exams, to avoid interrupting access during academic crunch time. The VPN login banner now announces that after May 15th, Windows client versions older than 5.0.03 will not be allowed to log on – users need to upgrade. I’ll actually wait until the 19th when grade submission is complete…
In short, get those VPN clients upgraded if you are getting that login message! You can find the current versions here: http://www.acns.colostate.edu/?page=vpn_download