AnyConnect Web Deploy ASA · 2018. 1. 28. · Configuring an ASA for AnyConnect Web Deploy with Web...
Transcript of AnyConnect Web Deploy ASA · 2018. 1. 28. · Configuring an ASA for AnyConnect Web Deploy with Web...
-
Configuring an ASA for AnyConnect Web Deploy with Web Security
1. Check ASA version, this should be equal to or greater than 8.4.
2. Make sure an AnyConnect 3.0 image has been uploaded and that the ASA has been configured
to web deploy AnyConnect VPN. If this has not been done, STOP and reschedule the activation
with the customer after then have a working AnyConnect VPN web deploy package configured,
tested, and working.
-
3. Select “Group Policies”, highlight the AnyConnect group policy and click Edit.
4. Select Advanced | AnyConnect Client, uncheck Inherit for “Optional Client Modules to
Download”, check “AnyConnect DART” and “AnyConnect Web Security”, then click OK.
However, if the customer is using additional components, be sure to select those too.
-
5. Select Advanced | AnyConnect Client | Login Setting, uncheck Inherit, bullet “Download
AnyConnect Client”, and click OK.
-
6. Click Apply.
-
7. Select “AnyConnect Client Profile” and click Add.
8. Provide a Profile Name, set Profile Usage to “Web Security”, set Group Policy to the AnyConnect
group policy, and click OK. Note that the file extension in “Profile Location” should change from
XML to WSP when the Profile Usage is set to “Web Security”.
-
9. Select the Web Security policy created in step 8 and click Edit.
-
10. Configure the Web Security plug-in and click OK.
-
11. Click Apply.
At this point the AnyConnect web deploy package should be complete and ready for use.
-
Applying a Transform
1. Configuration | Remote Access VPN | Customized Installer Transforms | Import
2. Supply the following:
a. Name = _win-lockdown-arp (whatever the name, it should be preceded with an
underscore character so that the transform applies to all AnyConnect modules)
b. Platform = win
c. Select a file = Browse a file system for the correct transform (MST) file