We are in the process of implimenting SSL VPN using the AnyConnect client. I am curious if it is possible to have a Pre-Shared Certificate that is self signed created and then I would manually install the cert. This would ensure that I control who accesses the network using VPN.
What platform ASA? if so you can use Local CA configured in ASA and have user enrollment and installed in their PC all managed through the ASA applience.
Personally I have not used this method but from what I read very practical and all privided by asa .. I recommend to read couple of times The Local CA section of this link to get thorough understanding of its usage and implementation for SSL webVPN or client based vpn.
What platform ASA? if so you can use Local CA configured in ASA and have user enrollment and installed in their PC all managed through the ASA applience.
Personally I have not used this method but from what I read very practical and all privided by asa .. I recommend to read couple of times The Local CA section of this link to get thorough understanding of its usage and implementation for SSL webVPN or client based vpn.
That is exactly what method I researched and implemented a few days ago. It works really well and allows me to choose who I give certificates to and how long those certs are active. Users get an email with a one time password they use that password to retrieve the cert and then import in to Firefox or IE
