
Anyconnect VPN client question

Andy White
Level 3

Hello,

I'm looking into using the AnyConnect VPN client. I saw a consultant I was working with connect to his work and use a Java-based VPN client which disappeared after he logged off. I really want to use this. I have a Cisco ASA 5520 and I currently have it set up with users using the Cisco VPN client to connect. What do I need to get this AnyConnect VPN client to work on my ASA?

  1. How do I know I'm licensed to do this?  My license key says I can do 750 VPN peers, but shared VPN licensing is disabled and AnyConnect Essentials is also disabled. Does this mean I can't do it?
  2. When I go through the VPN wizard it asks for a digital cert. Do I have to create one or do I have to buy one?
  3. Can you create different profiles for users? We currently have the Cisco VPN client set up so Sales, Finance and HR can only connect to their systems and IT can connect to all. How can this be done on the AnyConnect client?

Thanks

3 Replies

rahgovin
Level 4

1. How do I know I'm licensed to do this?  My license key says I can do 750 VPN peers, but shared VPN licensing is disabled and anyconnect essentials is also disabled, does this mean I can't do it?

In your `show version` output you should see SSL VPN peers. By default it is 2. You can increase this number by purchasing the required SSL VPN license or AnyConnect Essentials license. You can go through the doc below for licensing options

2. When I go through the VPN wizard it asks for a digital cert, do I have to create one or do I have to buy one?

You can either generate a self-signed cert or a third-party cert. Third-party is usually trusted by clients (well-known CAs) and won't prompt you with a cert warning when you connect. For using certs you can refer to the links below:

3. Can you create different profiles for users as we currently have the Cisco VPN client so Sales, Finance and HR can only connect to there systems and IT can connect to all, how can this be done on the anyconnect client?

You can connect the users to different connection profiles using AnyConnect. The users will get a drop-down menu for which tunnel group to connect to when they log in. These tunnel groups can have their own group-policy based on the group they connect to. Also, you could use client profiles on individual PCs to connect to individual profiles. The profile is an XML file that is pushed from the ASA to the client the first time it connects to the right group-policy. The profile has to be uploaded on the ASA for it to be pushed. For more details on AC profiles:

http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect24/administration/guide/ac03features.html#wp1064149
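
The per-department connection profiles described in the answer above, sketched as an added configuration example that is not from the original posts or from Cisco documentation. It assumes ASA 8.2-era syntax (later releases rename `svc` to `ssl-client`), and every group name, pool, address and the user `alice` is a constructed placeholder. Because the drop-down lets any user pick any tunnel group, the example also pins a user to one group with `group-lock` and limits reachable networks with `vpn-filter`.

```text
! Constructed example: all names and addresses below are placeholders.
! One address pool per department so filters can match on client source.
ip local pool SALES_POOL 10.99.10.1-10.99.10.254 mask 255.255.255.0
ip local pool IT_POOL 10.99.40.1-10.99.40.254 mask 255.255.255.0
!
! vpn-filter ACLs: source is the client pool, destination is the inside network.
! Sales reaches only its own subnet; IT reaches the whole internal range.
access-list SALES_FILTER extended permit ip 10.99.10.0 255.255.255.0 10.10.10.0 255.255.255.0
access-list IT_FILTER extended permit ip 10.99.40.0 255.255.255.0 10.10.0.0 255.255.0.0
!
! One group-policy per department carrying that department's filter.
group-policy GP_SALES internal
group-policy GP_SALES attributes
 vpn-tunnel-protocol svc
 vpn-filter value SALES_FILTER
!
group-policy GP_IT internal
group-policy GP_IT attributes
 vpn-tunnel-protocol svc
 vpn-filter value IT_FILTER
!
! One tunnel group (connection profile) per department.
tunnel-group SALES type remote-access
tunnel-group SALES general-attributes
 address-pool SALES_POOL
 default-group-policy GP_SALES
tunnel-group SALES webvpn-attributes
 group-alias Sales enable
!
tunnel-group IT type remote-access
tunnel-group IT general-attributes
 address-pool IT_POOL
 default-group-policy GP_IT
tunnel-group IT webvpn-attributes
 group-alias IT enable
!
! Show the group aliases as a drop-down on the login page.
webvpn
 tunnel-group-list enable
!
! Pin an existing local user to Sales so choosing "IT" in the drop-down is refused.
username alice attributes
 vpn-group-policy GP_SALES
 group-lock value SALES
```

Finance and HR follow the same pattern with their own pool, ACL, group-policy and tunnel group.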

Hi,

Thanks for your help. It says I can only do 2 SSL VPN peers, so does that mean just 2 users at any one time can connect using the AnyConnect VPN client?

Thanks

Yup, that's right. If you buy an SSL VPN license you can increase the same.
