Configuring AnyConnect SSL VPN Client Connections

First define the local ip pool

TestASA(config)# ip local pool VPN_testUsers 192.168.184.45-192.168.184.60 mask 255.255.240.0

TestASA# show disk0: | in pkg
8x.97.xxx.143/26

Configuring a Network object

Note: the “!” are just comments, dont include them
TestASA(config)# !creating a network object via the command line
TestASA(config)# object network Chris_ACl
TestASA(config-network-object)#
TestASA(config-network-object)# !now define the type of network object it is that you want to create
TestASA(config-network-object)#
TestASA(config-network-object)# subnet 192.168.168.0 255.255.255.0
TestASA(config-network-object)#

Enabling HTTP Server

TestASA(config-if)# http server enable
TestASA(config)# http http 192.168.176.0 255.255.240.0 inside

Enabling telnet via the console

TestASA(config)# telnet 192.168.176.0 255.255.240.0 inside
TestASA(config)#
TestASA(config)# !note, telnet cannot be performed from an outside network
TestASA(config)# !and that we can connect from the network specified
TestASA(config)# !and we are connecting from inside
TestASA(config)#
TestASA(config)# passwd cisco
TestASA(config)# telnet timeout 1000
TestASA(config)# !here we specified the password and also the telnet timeout of 1000s
Enabling SSH (secure shell) via the console

TestASA(config)# !you have to generate the RSA key
TestASA(config)# Crypto key generate rsa modulus 1024
WARNING: You have a RSA keypair already defined named <Default-RSA-Key>.

Do you really want to replace them? [yes/no]: yes
Keypair generation process begin. Please wait…
TestASA(config)#
TestASA(config)# ssh 192.168.176.0 255.255.240.0 inside
TestASA(config)# !Note: you can specify a single host (node) as well as it regards to your setup
TestASA(config)#
TestASA(config)# !note, telnet cannot be performed from an outside network
TestASA(config)# !and that we can connect from the network specified
TestASA(config)# !and we are connecting from inside
TestASA(config)#
TestASA(config)# passwd cisco
TestASA(config)# ssh timeout 10
TestASA(config)# !here we specified the password and also the SSH timeout of 10s