Anyconnect Basic Setup
1. Copy Anyconnect image to ASA flash: copy tftp: flash: 2. Enable Anyconnect on outside interface ASA(config)# webvpn ASA(config-webvpn)# anyconnect enable ASA(config-webvpn)# enable outside ASA(config-webvpn)# anyconnect image disk0:/anyconnect-win-4.7.00136-webdeploy-k9.pkg 3. Create a VPN pool: ASA(config)# ip local pool VPNPOOL 10.0.100.1-10.0.100.250 4.Create an object for the VPN pool ASA(config)# object network VPNPOOL ASA(config-network-object)# subnet 10.0.100.0 255.255.255.0 5. Create NAT exemption for VPN pool nat (inside,outside) source static NET-10.0.0.0_24 NET-10.0.0.0_24 destination static VPNPOOL VPNPOOL no-proxy-arp route-lookup 6. Create a group policy for Anyconnect ASA(config)# group-policy GP-SSLVPN internal ASA(config)# group-policy GP-SSLVPN attributes ASA(config-group-policy)# vpn-tunnel-protocol ssl-client 7. Modify default remote access tunnel group ASA(config)# tunnel-group DefaultWEBVPNGroup general-attributes ASA(config-tunnel-general)# address-pool VPNPO