We are in the process of implimenting SSL VPN using the AnyConnect client. I am curious if it is possible to have a Pre-Shared Certificate that is self signed created and then I would manually install the cert. This would ensure that I control who accesses the network using VPN.
What platform ASA? if so you can use Local CA configured in ASA and have user enrollment and installed in their PC all managed through the ASA applience.
Personally I have not used this method but from what I read very practical and all privided by asa .. I recommend to read couple of times The Local CA section of this link to get thorough understanding of its usage and implementation for SSL webVPN or client based vpn.