Table of Contents
Via GUI
Clientless VPN
- Go to the menu and click Wizards > SSL VPN Wizard...
- Select Clientless SSL VPN Access and click Next
- Name the profile (ex: home), choose the newly created certificate (Adding Self Signed Certificates to ASA), check off Connection Group Alias/URL and add a name (ex: Home), check off Display Group Alias list at the login page, then click Next
- For user authentication, choose either Authentication using AAA server group, or Authenticate using local user Database. If local, create any users required. If AAA Server Group, follow these instructions first to choose the server group.
- Create a new Group Policy and name it accordingly (ex: HomeSSLGRPPLC)
- If you wish to add Bookmarks, click manage and add any details you need. I will not go into detail in this walkthrough.
- Click Finish
- Drop down Network (Client) Access and click AnyConnect Connection Profiles
- Click on "Assign Certificate to Interface" below the Access and DTLS port configuration options, and make sure an SSL certificate is chosen for the outside interface.
...
Edit group Policy for IP Pool and AAA Authentication
Via CLI
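A CLI equivalent of the clientless wizard steps under Via GUI, added here as an example and not taken from the original page. It assumes ASA 8.4 or later syntax, local user authentication, and the example names from the steps above (home, Home, HomeSSLGRPPLC); `SELFSIGNED-TP`, `vpnuser1` and the password are placeholders.

```cisco
! Added example, not the original author's configuration.
! Placeholders: SELFSIGNED-TP (trustpoint holding the self-signed cert),
! vpnuser1 / <choose-a-strong-password> (constructed local account).

! Enable clientless SSL VPN on the outside interface and show the
! group alias list on the login page.
webvpn
 enable outside
 tunnel-group-list enable

! Group policy limited to clientless access only.
group-policy HomeSSLGRPPLC internal
group-policy HomeSSLGRPPLC attributes
 vpn-tunnel-protocol ssl-clientless

! Connection profile "home" using the local user database.
tunnel-group home type remote-access
tunnel-group home general-attributes
 authentication-server-group LOCAL
 default-group-policy HomeSSLGRPPLC
tunnel-group home webvpn-attributes
 group-alias Home enable

! Bind the certificate to the outside interface
! (the "Assign Certificate to Interface" step).
ssl trust-point SELFSIGNED-TP outside

! Local VPN-only user: privilege 0 and remote-access service type
! keep this account out of ASDM/SSH management.
username vpnuser1 password <choose-a-strong-password> privilege 0
username vpnuser1 attributes
 service-type remote-access

! Verify what is actually applied:
!   show running-config webvpn
!   show running-config tunnel-group home
!   show running-config group-policy HomeSSLGRPPLC
!   show running-config ssl
```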
Notes
- If the VPN isn't responding to the client or clientless connection, it may be due to your provider blocking ports. I change single host IP management ports to 445, but most providers block that port because MS SMB traffic runs over 445. Changing the port to something like 446, or anything above 1024, should work without issue in those cases.