ASA 5505 VPN configuration

Arie

I have a Cisco ASA 5505. This router has a public IP address, so it's visible on the internet. There is also a physical Windows server machine connected to that router, which also has a public IP. However, what I have to do is create a VPN on that ASA that would allow people to access the Windows server system. As I do not have experience with VPNs, can anyone instruct me how this could be done?

1 Accepted Solution

Hi

Actually, creating an SSL VPN is not complicated. I have configured VPNs using AnyConnect on the 5505 and it is not complicated.

If any doubt arises during the implementation, you can reach us to assist you. It will be a pleasure to assist you, my friend.

:-)

>> Mark as helpful or answered if the reply resolved your question; this helps other community members with future queries. <<


12 Replies

Hi Arie,

Do you have a VPN license on that firewall? You can execute: show activation-key.

>> Mark as helpful or answered if the reply resolved your question; this helps other community members with future queries. <<

Oh - Hi Julio - again my friend :)

No, I don't have it, as at this moment it is still awaiting a decision from my customer. If he decides, I will have access and could provide information. At this time I would just like to ask whether this is hard to accomplish. Probably there is a license, as this ASA will be provided by an external provider, so the license has to be there.

Hi

Actually, creating an SSL VPN is not complicated. I have configured VPNs using AnyConnect on the 5505 and it is not complicated.

If any doubt arises during the implementation, you can reach us to assist you. It will be a pleasure to assist you, my friend.

:-)

>> Mark as helpful or answered if the reply resolved your question; this helps other community members with future queries. <<

Thanks, I will come back when I have more info :)

P.S. For clients, is the AnyConnect software free to use for clients to connect to the ASA?

P.S. So there have to be licenses as well, and what are those licenses for, each VPN or?

Thank you Arie,

Yes, the AnyConnect software can be downloaded from the public IP address used for the VPN through the browser. This software must be included on the flash of the firewall.

:-)

>> Mark as helpful or answered if the reply resolved your question; this helps other community members with future queries. <<

Can they just download AnyConnect from Cisco in the browser, or do I have to provide it on my ASA (or will it be there automatically when I make the VPN)?

For example, say you have configured your SSL VPN properly and you have the AnyConnect software in the flash of your ASA firewall. The client can go to their browser, type the public IP associated with the SSL VPN (i.e. https://150.A.B.C), type the credentials that you will be providing, and finally download the AnyConnect software.

>> Mark as helpful or answered if the reply resolved your question; this helps other community members with future queries. <<

How do I put this AnyConnect on flash?

Hi, you can first check your flash in order to know if it is already included or if you have available space.

Example: you will find a pkg file.

show flash:

169  1955915     Sep 24 2008 23:51:34  anyconnect-win-xxxxxx-k9.pkg

Now, if you don't have it and you have a contract with Cisco, you can download it from www.cisco.com

Uploading it to the ASA is the same procedure as when you upgrade the device.

copy tftp: flash:
Address or name of remote host []?  <Host IP address from which you are going to upload>
Source filename []? <pkg. filename>

>> Mark as helpful or answered if the reply resolved your question; this helps other community members with future queries. <<

Hm, I am not sure about the TFTP server. Is it something I have to install somewhere?

Yep, TFTP is software you must install on your computer. I think Cisco has one; I have also used 3Cdaemon.

This software will help you make the transfer between your computer and the ASA firewall. In the TFTP software you must indicate the source folder where the image is stored.

>> Mark as helpful or answered if the reply resolved your question; this helps other community members with future queries. <<

One easy way to implement a VPN on a Cisco ASA is to follow the instructions shown by this command:

(config)# vpnsetup ?

configure mode commands/options:
ipsec-remote-access   Display IPSec Remote Access Configuration Commands
l2tp-remote-access    Display L2TP/IPSec Configuration Commands
site-to-site          Display IPSec Site-to-Site Configuration Commands
ssl-remote-access     Display SSL Remote Access Configuration Commands

Example:

vpnsetup ssl-remote-access steps

Steps to configure a remote access SSL VPN remote access connection and AnyConnect with examples:

1. Configure and enable interface

interface GigabitEthernet0/0
ip address 10.10.4.200 255.255.255.0
nameif outside
no shutdown

interface GigabitEthernet0/1
ip address 192.168.0.20 255.255.255.0
nameif inside
no shutdown

2. Enable WebVPN on the interface

webvpn
enable outside

3. Configure default route

route outside 0.0.0.0 0.0.0.0 10.10.4.200

4. Configure AAA authentication and tunnel group

tunnel-group DefaultWEBVPNGroup type remote-access
tunnel-group DefaultWEBVPNGroup general-attributes
authentication-server-group LOCAL

5. If using LOCAL database, add users to the Database

username test password t3stP@ssw0rd
username test attributes
service-type remote-access

Proceed to configure AnyConnect VPN client:

6. Point the ASA to an AnyConnect image

webvpn
svc image anyconnect-win-2.1.0148-k9.pkg

7. enable AnyConnect

svc enable

8. Add an address pool to assign an ip address to the AnyConnect client

ip local pool client-pool 192.168.1.1-192.168.1.254 mask 255.255.255.0

9. Configure group policy

group-policy DfltGrpPolicy internal
group-policy DfltGrpPolicy attributes
vpn-tunnel-protocol svc webvpn

Please rate the comment if it is useful

:-)

>> Mark as helpful or answered if the reply resolved your question; this helps other community members with future queries. <<
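
As an added example (not part of the thread and not Cisco code), this Python check reads a configuration assembled from the vpnsetup steps above and reports missing steps, a default route whose next hop is the ASA's own interface address (as in the step 3 sample, where it should be the upstream gateway), and a client pool that overlaps a connected subnet. The sample config is constructed from the commands quoted in the thread; the function name `audit` and the flat line matching are assumptions of this example.

```python
import ipaddress
import re

# Constructed sample: the commands from the vpnsetup steps quoted in the thread.
SAMPLE = """\
interface GigabitEthernet0/0
 ip address 10.10.4.200 255.255.255.0
interface GigabitEthernet0/1
 ip address 192.168.0.20 255.255.255.0
webvpn
 enable outside
 svc image anyconnect-win-2.1.0148-k9.pkg
 svc enable
route outside 0.0.0.0 0.0.0.0 10.10.4.200
tunnel-group DefaultWEBVPNGroup general-attributes
 authentication-server-group LOCAL
ip local pool client-pool 192.168.1.1-192.168.1.254 mask 255.255.255.0
group-policy DfltGrpPolicy attributes
 vpn-tunnel-protocol svc webvpn
"""

def audit(config):
    """Return findings for an SSL VPN config built from those steps."""
    lines = [l.strip() for l in config.splitlines()]
    required = {  # one command per step; a missing one leaves the VPN unusable
        r"enable \S+$": "WebVPN not enabled on an interface",
        r"svc image \S+\.pkg": "no AnyConnect image configured",
        r"svc enable$": "AnyConnect (svc) not enabled",
        r"authentication-server-group \S+": "tunnel group has no AAA server group",
        r"ip local pool \S+": "no client address pool",
        r"vpn-tunnel-protocol .*\bsvc\b": "group policy does not permit svc",
    }
    findings = [msg for pat, msg in required.items()
                if not any(re.match(pat, l) for l in lines)]
    ifaces = [ipaddress.ip_interface(f"{m[1]}/{m[2]}") for l in lines
              if (m := re.match(r"ip address (\S+) (\S+)$", l))]
    for l in lines:
        # The default route must name the upstream gateway, not the ASA itself.
        m = re.match(r"route \S+ 0\.0\.0\.0 0\.0\.0\.0 (\S+)", l)
        if m and any(str(i.ip) == m[1] for i in ifaces):
            findings.append(f"default route next hop {m[1]} is the ASA's own address")
        # The client pool must not collide with a directly connected subnet.
        m = re.match(r"ip local pool \S+ ([\d.]+)-([\d.]+)", l)
        if m:
            first, last = map(ipaddress.ip_address, m.groups())
            findings += [f"pool overlaps {i.network}" for i in ifaces
                         if any(n.overlaps(i.network) for n in
                                ipaddress.summarize_address_range(first, last))]
    return findings
```

Running `audit(SAMPLE)` flags only the default route; pointing the route at the real upstream gateway clears it.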