Hello, I must be missing something but in the IPSEC vpn world I have multiple levels of security to limit vpn access.
1. I have to give an end user the VPN profile with the shared key and group name
2. That user then has to type his username and password through radius.
So if a person doesn't have that VPN profile, they can't attempt to break my users passwords to gain access to the network.
I configured the SSL vpn, and I feel like it is less secure b/c it solely relies on complex passwords to limit network access. So, someone can hit the ssl anyconnect IP address and start guessing usernames and passwords. They dont have to have a prerequisite client profile, etc.
Basically, I am looking for some way to have to give a SSL VPN user a digital certificate. Without the digital certificate installed on their browser, they cannot connect to the portal login page. Any configuration guides would be greatly appreciated. Thanks for the help.