Implementing the Cisco SSL VPN Scenario
Information to Have Available
ASA 5505 Getting Started Guide
8-4
Chapter 8
Configuring the ASA 5505 for the Cisco AnyConnect VPN Client, page 8-7
•
Specifying the SSL VPN Interface, page 8-8
•
Specifying a User Authentication Method, page 8-9
•
Specifying a Group Policy, page 8-11
•
Configuring the Cisco AnyConnect VPN Client, page 8-12
•
Verifying the Remote-Access VPN Configuration, page 8-14
•
Before you begin configuring the adaptive security appliance to accept
AnyConnect SSL VPN connections, make sure that you have the following
information available:
•
Name of the interface on the adaptive security appliance to which remote
users will connect.
Digital certificate
•
The ASA 5505 generates a self-signed certificate by default. However, for
enhanced security you may want to purchase a publicly trusted SSL VPN
certificate before putting the system in a production environment.
Range of IP addresses to be used in an IP pool. These addresses are assigned
•
to SSL AnyConnect VPN clients as they are successfully connected.
List of users to be used in creating a local authentication database, unless you
•
are using a AAA server for authentication.
If you are using a AAA server for authentication:
•
AAA Server group name
–
Authentication protocol to be used (TACACS, SDI, NT, Kerberos,
–
LDAP)
IP address of the AAA server
–
Interface of the adaptive security appliance to be used for authentication
–
–
Secret key to authenticate with the AAA server
Scenario: Configuring Connections for a Cisco AnyConnect VPN Client
78-18003-02