Yes, but as a user you dont have a choice when certificat authorisation is not supported.
About the local Password manager: I dint find any that can enter the password in anyconnect. And switching back and forth is no fun either. The only usefull way would be to safe the link i mentioned in that manager and click it from there.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...