Within this article we will configure a basic Anyconnect setup.
The Anyconnect client provides the ability to securly connect to your LAN via TLS/DTLS (TLS over UDP).
Enable WebVPN
asa84(config)# webvpn
asa84(config-webvpn)# enable outside
INFO: WebVPN and DTLS are enabled on ‘outside’.
asa84(config-webvpn)# anyconnect image disk0:/anyconnect-win-2.5.2014-k9.pkg
ERROR: The specified AnyConnect Client image does not exist.
asa84(config-webvpn)# anyconnect enable
asa84(config-webvpn)# exit
Create User
asa84(config)# username user1 password abc123
asa84(config)# username user1 attributes
asa84(config-username)# service-type remote-access
asa84(config)# exit
Create IP Pool
asa84(config)# ip local pool VPN-POOL 192.168.1.1-192.168.1.254 mask 255.255.255.0
Create Group-Policy
asa84(config)# group-policy LAB internal
asa84(config)# group-policy LAB attributes
asa84(config-group-policy)# vpn-tunnel-protocol ssl-client ssl-clientless
asa84(config-group-policy)# address-pools value VPN-POOL
asa84(config-group-policy)# exit
Create Tunnel-Group
asa84(config)# tunnel-group LAB type remote-access
asa84(config)# tunnel-group LAB general-attributes
asa84(config-tunnel-general)# default-group-policy LAB
asa84(config-tunnel-general)# exit
asa84(config)# tunnel-group LAB webvpn-attributes
asa84(config-tunnel-webvpn)# group-alias LAB-VPN
asa84(config-tunnel-webvpn)# exit
Enable Login Dropdown
asa84(config)# webvpn
asa84(config-webvpn)# tunnel-group-list enable
asa84(config-webvpn)# exit
Once configured connect to your ASA via either its hostname or IP via a browser. Then login using the previously created user.
You will then be able to download the Anyconnect client by clicking on the ‘Start Anyconnect’ link.
- How to Configure a BIND Server on Ubuntu - March 15, 2018
- What is a BGP Confederation? - March 6, 2018
- Cisco – What is BGP ORF (Outbound Route Filtering)? - March 5, 2018
Want to become an IT Security expert?
Here is our hand-picked selection of the best courses you can find online:
Internet Security Deep Dive course
Complete Cyber Security Course – Hackers Exposed
CompTIA Security+ (SY0-601) Certification Complete course
and our recommended certification practice exams:
AlphaPrep Practice Tests - Free Trial