Chapter 10 Scenario: Configuring Connections for a Cisco AnyConnect VPN Client
Implementing the Cisco SSL VPN Scenario
Cisco ASA 5500 Series Getting Started Guide
78-19186-01
• Specifying the SSL VPN Interface
• Specifying a User Authentication Method
• Specifying a Group Policy
• Configuring the Cisco AnyConnect VPN Client
• Verifying the Remote-Access VPN Configuration
Information to Have Available
Before you begin configuring the adaptive security appliance to accept
AnyConnect SSL VPN connections, make sure that you have the following
information available:
• Name of the interface on the adaptive security appliance to which remote
users will connect.
• Digital certificate
The adaptive security appliance generates a self-signed certificate by default.
However, for enhanced security you may want to purchase a publicly trusted
SSL VPN certificate before putting the system in a production environment.
• Range of IP addresses to be used in an IP pool. These addresses are assigned
to SSL AnyConnect VPN clients as they are successfully connected.
• List of users to be used in creating a local authentication database, unless you
are using a AAA server for authentication.
• If you are using a AAA server for authentication:
– AAA Server group name
– Authentication protocol to be used (TACACS, SDI, NT, Kerberos, LDAP)
– IP address of the AAA server
– Interface of the adaptive security appliance to be used for authentication
– Secret key to authenticate with the AAA server