Hello, I`ve been trying to find a diagram which shows a step-by-step list of the authentication of a client using AnyConnect Secure Mobility Client.

We are using a RootCA and SubCA which issue the client certificates.

So each user signs in with username/password and a client certificate. The connection is a SSL tunnel with DTLS activated.

How exactly does the certificate get authenticated and which steps are made during the login/authentication phase with SSL?

When looking for IPsec you find lots of guides on the negotiation, but not with the SSL/TLS/DTLS VPN tunnels initiation.

A quick answer would be greatly appreciated.