Setting up AnyConnect VPNs on the Cisco ASA 5508x (FTD)

This was done on FTD version 6.2.3-83.

Everything I have found on the Cisco FTD is outdated and the latest FTM interface looks nothing like the articles I have seen on the net. Below is a picture of my interface.

  1. In the top menu (Monitoring, Policies, Objects, Device), select Device.
  2. I then selected Remote Access VPN.
  3. Create a Connection Profile name (I entered the client domain-VPN).
  4. For AD Realm/Directory I selected the Realm I created earlier:
  5. I then downloaded the anyconnect-win-4.5.05030-webdeploy-k9.pkg for Windows clients from Cisco.com, uploaded it to the ASA and selected Next.
  6. For the certificate of Device Identity, I selected “Create New Internal Certificate”.
  7. I then selected “Upload Certificate and Key” and entered the certificate and keys I created here:
  8. For the outside interface, I selected my external interface.
  9. I then entered the FQDN of my external IP. If you don’t have an FQDN for your external IP, you should; it will make your life easier.
  10. For the address pool, I created a new network, i.e. 192.168.9.0/24 (I didn’t use IPv6).
  11. For DNS and domain name, I entered my internal DNS servers and internal domain name and selected Next.
  12. I set the VPN as NAT Exempt.
  13. I selected my inside interface and entered my inside network, selected Next and finished.