Implementing the Cisco SSL VPN Scenario
Information to Have Available
Cisco ASA 5500 Series Getting Started Guide
10-4
Chapter 10
Specifying the SSL VPN Interface, page 10-6
•
Specifying a User Authentication Method, page 10-7
•
Specifying a Group Policy, page 10-8
•
Configuring the Cisco AnyConnect VPN Client, page 10-9
•
Verifying the Remote-Access VPN Configuration, page 10-11
•
Before you begin configuring the adaptive security appliance to accept
AnyConnect SSL VPN connections, make sure that you have the following
information available:
Name of the interface on the adaptive security appliance to which remote
•
users will connect.
Digital certificate
•
The adaptive security appliance generates a self-signed certificate by default.
However, for enhanced security you may want to purchase a publicly trusted
SSL VPN certificate before putting the system in a production environment.
Range of IP addresses to be used in an IP pool. These addresses are assigned
•
to SSL AnyConnect VPN clients as they are successfully connected.
List of users to be used in creating a local authentication database, unless you
•
are using a AAA server for authentication.
If you are using a AAA server for authentication:
•
AAA Server group name
–
Authentication protocol to be used (TACACS, SDI, NT, Kerberos,
–
LDAP)
IP address of the AAA server
–
Interface of the adaptive security appliance to be used for authentication
–
Secret key to authenticate with the AAA server
–
Scenario: Configuring Connections for a Cisco AnyConnect VPN Client
78-19186-01