Use FDM APIs to upload the AnyConnect Client Software package to FTD to distribute to your users. See Upload AnyConnect Software Packages to Firepower Threat Defense Devices.
To complete a VPN connection, your users must install the AnyConnect client software. You can use your existing software distribution methods to install the software directly. Or, you can have users install the AnyConnect client directly from the FTD device.
Note: Users must have Administrator rights on their workstations to install the software.
If you decide to have users initially install the software from the FTD device, inform users to perform the following steps:
Note: Android and iOS users should download AnyConnect from the appropriate App Store.
- Using a web browser, open https://ravpn-address, where ravpn-address is the IP address or hostname of the outside interface on which you are allowing VPN connections.
You identify this interface when you configure the remote access VPN. The system prompts the user to log in.
- Log into the site.
Users are authenticated using the directory server configured for the remote access VPN. Log in must be successful to continue.
If the login is successful, the system determines if the user already has the required version of the AnyConnect client. If the AnyConnect client is absent from the user’s computer or is down-level, the system automatically starts installing the AnyConnect software.
When the installation is finished, AnyConnect completes the remote access VPN connection.
Distribute new AnyConnect Client Software version
You can distribute the new version of AnyConnect client software to your users by uploading them to FTD without removing the old version. Once the AnyConnect client is uploaded successfully, you can remove the old version.
The AnyConnect client detects the new version on the next VPN connection the user makes. The system will automatically prompt the user to download and install the updated client software. This automation simplifies software distribution for you and your clients.
The following figure shows an example of an FTD device with two versions of AnyConnect client software (AnyConnectWindows_3.2_BGL and AnyConnectWindows_4.2_BGL) for Windows OS.