Auto Connect to RAVPN using AnyConnect

fatalXerror · ‎12-22-2015

Hi Guys,

Good Day!

Is there's a way in AnyConnect with an ASA 9.1 as my headend to have an automatic connection once the endpoint boots up? I mean no user interaction required for the RAVPN to have a successful establish connection?

Thank you.

Philip D'Ath · ‎12-22-2015

Yes. You need to use certificates for authentication so no user prompts are required.

Philip D'Ath · ‎12-22-2015

Here is the reference for the start before login feature:

http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/107598-sbl.html

If you want local authentication, then configure the ASA as a CA server.

Then configure the AnyConnect client to get a certificate via SCEP from the ASA CA server.

fatalXerror · ‎12-22-2015

Hi p.dath,

Good day!

So Self-Signed Cert of the ASA will not able to work right?

Thanks

Philip D'Ath · ‎12-22-2015

You can make it work - but when you can buy an SSL123 certificate from GoDaddy for about $100 per year - how hard do you want to work to make a self signed certificate work?