I have an ASA 5520, running 8.21, anyconnect 2.4. I have the profile on the ASA downloading with the client. I have a second ASA as a backup VPN server as well, they are configured as identically as possible.
If I connect on the first ASA using the hostname "vpn1.companyx.com", all works fine. when I go to connect to the second ASA using the hostname "vpn2.companyx.com" on the anyconnect client, I get the error message "invalid host entry". the xml profile tests as fine, the host entries are both resolvable in dns and the vpn2 system repsonds fine using IP address. It seems to be a anyconnect issue...
-Are you using a group-url on one ASA and not the other?
-Do you have "StandardUser" in your xml profile. If you create a new profile with a new name that does not have this setting does it work?
-If you have want to make it work with "StandardUser" in your xml profile, heres an example:
The ASA will initiate a connection to:
In order for the ASA to send back the proper information, that group URL would have to exist under your tunnel-group/connection profile
In the configuration:
tunnel-group CSCVPNUsers webvpn-attributes
group-url https://vpn.cisco.com/CSCVPNUsers enable