Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Community Member

Anyconnect

What are the proper (simplified) steps for enabling Anyconnect on an ASA.  Is purchasing a SSL certificate necessary? Thanks.

2 ACCEPTED SOLUTIONS

Accepted Solutions
Hall of Fame Super Silver

The AnyConnect client is used

The AnyConnect client is used for either full tunnel SSL VPN or full tunnel IPsec (IKEv2). Either method requires an SSL certificate on your ASA. You can use self-signed, private CA, or public CA / RA as the source of your certificate. Cisco recommends the third option as it will be recognized as a trusted root CA automatically. Option 2 requires your clients import the root certificate from the sigining CA into their trusted root certificates store. Option 1 requires they import the self-signed certificate.

As far as setting it up, you can follow the remote acess VPN wizard in ASDM. If oyou go the public CA SSL certificate route, you should have that in hand ahead of time.

Community Member

You can use this

You can use this configuration example: https://supportforums.cisco.com/document/74111/asa-anyconnect-ikev2-configuration-example Just used it two weeks ago and it works like a charm!
2 REPLIES
Hall of Fame Super Silver

The AnyConnect client is used

The AnyConnect client is used for either full tunnel SSL VPN or full tunnel IPsec (IKEv2). Either method requires an SSL certificate on your ASA. You can use self-signed, private CA, or public CA / RA as the source of your certificate. Cisco recommends the third option as it will be recognized as a trusted root CA automatically. Option 2 requires your clients import the root certificate from the sigining CA into their trusted root certificates store. Option 1 requires they import the self-signed certificate.

As far as setting it up, you can follow the remote acess VPN wizard in ASDM. If oyou go the public CA SSL certificate route, you should have that in hand ahead of time.

Community Member

You can use this

You can use this configuration example: https://supportforums.cisco.com/document/74111/asa-anyconnect-ikev2-configuration-example Just used it two weeks ago and it works like a charm!
52
Views
0
Helpful
2
Replies
CreatePlease to create content