Hi Wesley,
I was going through the old unanswered posts and found this one - do you still need help with this?
If so, I recommend following (part of) the following document:
http://www.cisco.com/en/US/products/hw/vpndevc/ps2030/products_configuration_example09186a00809a3fa5.shtml
This is written for the US military's CAC smartcards, but the principle is the same. You can probably skip the LDAP part (unless you want to do LDAP authorization as well) and of course you will have to import your own enterprise CA certificate(s) .
I hope this helps, let me know.
Herbert
(BTW for future reference, the VPN category would probably be a better place to put this kind of question)