Incredibly detailed video. Thank you, this is exactly what we need to quickly deploy these. I hope more are coming - great work!

Didn't realize that the certs are essential before watching this video. Thanks much!

Hi great video, I hope your still able to answer question. For Certificate section: CA1 the intermediate cert did u generate CSR using the internediate cert? Or the CSR was generated using CA 2?

Im curious - on the ASA you have to have a service account created. Is there a reason you do not use a service account for this? I have watched the Cisco video as well and they did not use a service account. How does the FMC get access to the AD server without a service account?

Curious, can I generate a CSR on a Linux server, use that CSR with my CA to generate my certificate and import that into the FMC? I'm confused in the first part of this video where you obtained that ca1 certificate? Where did you generate this?

HI, just curious why do you need the ACP policy you created LAN > VPN POOL, is this for a LAN host to access the VPN Clients?

Is there any reason that you have the U-Turn/Hairpin rule @37:40 as Manual NAT instead of Auto NAT as per the AnyConnect Config Example?

Hi, I want assign the static IP to anyconnect client . I am using FMC IPpool and on System(Laptop) I configured static IP on Mobility client interface but it did not work out. Any sugesstions?

Hello. In my scenario I have a private IP address on my FTD outside interface and route public address to it from our ISP. How can I run AnyConnect on my FTD with private IP address on Outside Interface?

When using FMC IP pool, I often receive the IP address when connecting to Anyconnect IP is not received when DHCP server is specified Enabled use of DHCP in Advanced tab Do you know what the reason is?

hi... in case i need to remove map-value memberOf...do i need to apply via flexconfig ? by adding " no mam-value...."

Great video helped me a lot. Thank you. I have another question, how could I do the remote access of the VPN connectivity to the other 2 sites over the VPN tunnels? What do I need in order to do so? (NAT+ACP) both of them? Thank you very much.

Hi i have pppoe connection for internet, and Cisco doesn't have dyndns site like fortigate fortiddns to map my dynamic ip with site, is there any way I can configure the remote access vpn?

Also your first policy allows all traffic anyany not a good example :)

sounds like this guys is whispering ...geezz

So now we have to use GUI to type in CLI commands and pray that there will be no typo - to setup LDAP and attribute maps in particular. Do you realize how much your products have degraded over the years?

Can you configure the AnyConnect VPN to do Local authentication without LDAP?