RA AnyConnect VPN with IPSec with IKEv1 and IKEv2

rjadhav163 · ‎08-16-2016

Hi

Can anyone give me a link to video (preferred) or exact section in ASDM guide on how to implement:

a) RA VPN with AnyConnect using IPSec IKEv1

b) RA VPN with AnyConnect using IPSec IKEv2

Thanks and Regards

JP Miranda Z · ‎08-17-2016

rjadhav163,

AnyConnect only supports ikev2.

This is a pretty good guide to configure this through ASDM:

https://supportforums.cisco.com/document/74111/asa-anyconnect-ikev2-configuration-example

Hope this info helps!!

Rate if helps you!!

-JP-

rjadhav163 · ‎08-23-2016

Hi JP,

thanks for the link. The configuration on the link you mentioned is done using the VPN Wizard.

There in step 6) you see that Authentication Method used is AAA. The wizard provides no way to change that to certificate. How can I make sure that the users using a certificate with a specific OU field would be able to connect to ASA.

Thanks and Regards,

JP Miranda Z · ‎08-23-2016

Hi rjadhav163,

This link explains the CLI configuration for AnyConnect with ikev2 and double authentication with aaa and certificates, if you want only certificate authentication you can keep the certificate configuration and remove the aaa from the tunnel group.

http://www.cisco.com/c/en/us/support/docs/security/anyconnect-secure-mobility-client/113692-technote-anyconnect-00.html

Hope this info helps!!

Rate if helps you!!

-JP-