I'm trying to configure a remote access vpn policy which allows a user to connect, and stay connected (always on VPN). I'm looking at using this on some internet kiosks we manage and rather than providing a hardware site to site ipsec solution, thought I'd try this route.
I have a standard SSL Any connect profile working nicely. Under the AnyConnect Client Profile Editor I have created a new profile which has the 'Automatic VPN policy' enabed as well as 'Connect' for both a trusted and untrusted network. I have entered the domain name of our corporate environment. When I go to connect I get the following error:
"AnyConnect cannot confirm it is connected to your secure gateway. The local network may not be trustworthy. Please try another network."
Doing a bit of reading this seems to be often a certificate error. The question is why does ticking the automatic vpn policy cause this error, why is the ssl cert suddently an issue? I'm using a self signed cert FYI.
Can anyone point me in the right direction?