KB ID 0001685
A few days ago I did an article on Deploying Cisco AnyConnect with the Cisco FTD; there I glossed over the AnyConnect profile section. For a long time now, we have been able to edit the AnyConnect profile from within the firewall (if we are running ASA code!), but for the FTD we need to take a step backwards and go back to using the ‘offline’ AnyConnect profile editor.
Firstly you need to download the offline profile editor; you will find it on the Cisco AnyConnect Mobility Client download page.
I won’t insult your intelligence; the setup is straightforward.
Launch the editor, and the screen you will see is exactly the same as you would normally see while using the profile editor in a Cisco ASA (when launched from within the ASDM).
Note: I’m not going to go through all the settings (this post would become immense!). Typically I allow remote (RDP) connections, and set the public FQDN for my AnyConnect profile.
Once you have finished, you can simply save the settings as an XML file.
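A quick pre-import check of the saved file, as an added example that is not part of the original article: it parses the profile XML and reports the two settings mentioned above (remote/RDP establishment and the server FQDN). The sample profile, `vpn.example.com` and the function name `review_profile` are assumptions made for illustration.

```python
import re
import xml.etree.ElementTree as ET

# Default namespace of an AnyConnect profile XML file.
NS = {"ac": "http://schemas.xmlsoap.org/encoding/"}
FQDN_RE = re.compile(
    r"^(?=.{1,253}$)([a-z0-9]([a-z0-9-]{0,61}[a-z0-9])?\.)+[a-z]{2,63}$", re.I)

# Constructed sample profile; vpn.example.com is a placeholder.
SAMPLE_PROFILE = """<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/">
  <ClientInitialization>
    <WindowsVPNEstablishment>AllowRemoteUsers</WindowsVPNEstablishment>
  </ClientInitialization>
  <ServerList>
    <HostEntry>
      <HostName>Head Office VPN</HostName>
      <HostAddress>vpn.example.com</HostAddress>
    </HostEntry>
  </ServerList>
</AnyConnectProfile>"""


def review_profile(xml_text):
    """Return (settings, warnings) for a profile saved by the offline editor."""
    root = ET.fromstring(xml_text)
    if root.tag != "{%s}AnyConnectProfile" % NS["ac"]:
        raise ValueError("root element is not AnyConnectProfile")
    # An absent element is treated as the client default, LocalUsersOnly.
    establishment = root.findtext(
        "ac:ClientInitialization/ac:WindowsVPNEstablishment",
        default="LocalUsersOnly", namespaces=NS).strip()
    hosts = []
    for h in root.findall("ac:ServerList/ac:HostEntry", NS):
        name = h.findtext("ac:HostName", "", NS).strip()
        # With no HostAddress the client connects to HostName itself.
        hosts.append((name, h.findtext("ac:HostAddress", "", NS).strip() or name))
    warnings = []
    if establishment != "AllowRemoteUsers":
        warnings.append("WindowsVPNEstablishment is %s: users logged on over "
                        "RDP cannot start the VPN" % establishment)
    if not hosts:
        warnings.append("ServerList has no HostEntry")
    for name, address in hosts:
        if not FQDN_RE.match(address):
            warnings.append("HostEntry %r: address %r is not an FQDN"
                            % (name, address))
    return {"establishment": establishment, "hosts": hosts}, warnings


if __name__ == "__main__":
    settings, warnings = review_profile(SAMPLE_PROFILE)
    print(settings)
    print("\n".join(warnings) or "no warnings")
```

To check a real file, pass its contents to `review_profile()` before uploading it to the ASA or FTD.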
Import an AnyConnect ‘Profile XML File’ into Cisco ASA
As mentioned above, with all ‘modern’ versions of the ASDM/AnyConnect client you can create and edit an AnyConnect profile directly from within the ASDM. But (for completeness) here’s how to import one you created externally (or exported from another firewall).
Configuration > Remote Access VPN > Network (Client) Access > AnyConnect Client Profile > Import.
Import an AnyConnect ‘Profile XML File’ into Cisco FTD
Objects > AnyConnect Client Profiles > Create AnyConnect Client Profile > Give it a name > Upload.
Browse to, and select the previously created XML file > Open.
You can now select this ‘profile file’ when setting up AnyConnect, or edit any existing AnyConnect Remote Access VPN configuration, and add this profile to it.