ASDM AnyConnect Profile: Host with port

Unanswered Question
Jun 2nd, 2010

ASA5510 with ASDM6.3

Anyconnect is working fine. We allready had a certificate for our external IP adress so we specified AnyConnect to use a different port and bought a certificate for that.

Ive created a XML profile to be pushed to the clients. The problem is that it will not accept or push the port specified so when the client connects it connects to x.x.x.x and therefor getting the wrong certificate instead of connecting to x.x.x.x:442.

If I disable the profile and write x.x.x.x:442 manually in the client it works and I get the right certificate and connects..

What can I do to make the client read the XML file with a port?

XML file:

<?xml version="1.0" encoding="UTF-8"?>

<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://schemas.xmlsoap.org/encoding/ AnyConnectProfile.xsd">

<ClientInitialization>

<UseStartBeforeLogon UserControllable="true">true</UseStartBeforeLogon>

<AutomaticCertSelection UserControllable="true">false</AutomaticCertSelection>

<ShowPreConnectMessage>false</ShowPreConnectMessage>

<CertificateStore>All</CertificateStore>

<CertificateStoreOverride>false</CertificateStoreOverride>

<ProxySettings>Native</ProxySettings>

<AutoConnectOnStart UserControllable="true">true</AutoConnectOnStart>

<MinimizeOnConnect UserControllable="true">true</MinimizeOnConnect>

<LocalLanAccess UserControllable="true">false</LocalLanAccess>

<AutoReconnect UserControllable="false">true

<AutoReconnectBehavior UserControllable="false">DisconnectOnSuspend</AutoReconnectBehavior>

</AutoReconnect>

<AutoUpdate UserControllable="false">true</AutoUpdate>

<RSASecurIDIntegration UserControllable="false">Automatic</RSASecurIDIntegration>

<WindowsLogonEnforcement>SingleLocalLogon</WindowsLogonEnforcement>

<WindowsVPNEstablishment>LocalUsersOnly</WindowsVPNEstablishment>

<AutomaticVPNPolicy>false</AutomaticVPNPolicy>

<PPPExclusion UserControllable="false">Disable

<PPPExclusionServerIP UserControllable="false"></PPPExclusionServerIP>

</PPPExclusion>

<EnableScripting UserControllable="false">false</EnableScripting>

<BackupServerList>

</BackupServerList>

<EnableAutomaticServerSelection UserControllable="true">false

<AutoServerSelectionImprovement>20</AutoServerSelectionImprovement>

<AutoServerSelectionSuspendTime>4</AutoServerSelectionSuspendTime>

</EnableAutomaticServerSelection>

<RetainVpnOnLogoff>false

</RetainVpnOnLogoff>

</ClientInitialization>

<ServerList>

<HostEntry>

<HostName>Ardo</HostName>

<HostAddress>X.X.X.X:442</HostAddress>

<UserGroup>SSL_Users</UserGroup>

</HostEntry>

</ServerList>

</AnyConnectProfile>

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
kristianbonde_2 Wed, 06/02/2010 - 23:22

hmm funny..

I´ve tested this:

    

          Ardo

                1.0.0.0

                      

                               X.X.X.X:442

                      

    

When I test this it lets me know that 1.0.0.0 doesnt work but it will try x.x.x.x:442... and then it connects!

Now why doesnt it use the port when I do this!? :

    

          Ardo

                x.x.x.x:442                      

    

Actions

This Discussion

Related Content