Sam Vesey 23rd February 2019 Advice 15 Minute

Our go to choice for any firewall deployment is the Cisco ASA

Provision SSL certificate

Whilst you can perform this entirely within the ASDM, in our humble opinion, it's easier to create a CSR and install the certificate via Windows IIS before porting to the ASA. 

Login to any Windows server you have access to and open IIS Manager. Open the "Server Certificates" section and open the "Create Certificate Request"

Once your CSR has been generated, provide the text file to your Certificate Authority and run through the verification process required.

Once the certificate has been returned by your Certificate Authority, open the "Complete Certificate Request" wizard and provide the .cer file.

Your new certificate will now be listed in the Server Certificates menu and you'll be able to export by right clicking > export and completeing the dialog box. You can now take the pfx file and install on your ASDM.

Install SSL certificate on ASA

Open ASDM and navigate to Configuration > Device Management > Certificate Management > Identity Certificates > Add > Browse > Select your PFX file and provide the password created earlier.

Configure AnyConnect with wizard

Install and test VPN client

Configure AnyConnect with wizard

Install and test VPN client