Multiple Client Profiles with AnyConnect

Unanswered Question
May 11th, 2012

Hello,

I have the need to store more than one VPN profile on my anyconnect client.  I am a consultant and have mulitple clients using AnyConnect.  The old VPN client used pcf files.  From what I've been about to gather, an XML file can be used to simulate this same function.  I tried to work with that, but had no luck.  The preferences file gets overwritten with that last successful connection. 

Can anyone help me out with this?  Please keep in mind, from a VPN standpoint, I'm just a user. Not an admin.  Quite honestly, I'm not even sure what to ask.  I just want this AnyConnect client to display all my VPN connections like the old one.

Thanks,

Greg

I have this problem too.
4 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 5 (2 ratings)
Marvin Rhoads Fri, 05/11/2012 - 19:30

Yes, the last used profile gets copied into preferences.xml in your default profile location = C:\Users\\AppData\Local\Cisco\Cisco AnyConnect Secure Mobility Client (for Windows 7).

However, all used profiles should be copied into the location C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile (for Windows 7). If they are there, you should see them as selectable on a drop-down list in your AnyConnect client.

You could run into a problem if the folks running the ASAs use the same profile name. In that case, your could build some profiles yourself with the destination ASAs and give them unique names. A basic profile is only a structured handful of lines of plain text saved as an XML file.

Done properly, you should see something like this:

maharri2 Wed, 06/26/2013 - 09:33

Is there somethign I need to do to triger the recongnition of new profiles? I placed them in the Profile directory OK.

For the first profile I used a few weeks ago, it wasn't showing up. Then after a few days and PC restarts, suddenly the profile surprised me and showed up which I wasn't expecting as it hadn't changed anything ...... and from there on, it worked great.

This now happening again. I can see the orginal profile still and it works, but I can't see in the drop down the 2 new ones I just placed in the directory today.

What is the trick to getting Anyconnect to see recently added profiles and adding them to the dropdown?

sayrmatics Sat, 06/29/2013 - 09:33

The more i think about it, the messier it appears. As you are not the admin and also need to connect to different customer VPN gateways, i can foresee a situation where user controllable attributes set on the different VPN gateways keep overwriting whatever you get or configure personally - and rightly so. There is also the issue of what happens if you've got an old client and the ASA is configured to update your client if it has a more recent version?

Probably best going with Marvin's suggestion and creating your own VPN profile XML file and copying it into the right directory for your endpoint...and see what happens when you connect to the next VPN gateway

bsisco Fri, 07/19/2013 - 14:11

Seems like Cisco may have missed the mark on this one.  I too connect to many locations using the Anyconnect client, and have no control over the ASA configuration that manages their settings or deploys new versions.  I am constantly having to enter the hostname I wish to connect to, and modify my credentials.  XML is pretty flexible and it seems to me that the client could use the SSL thumbprint and hostname to define a schemed XML entry for each gateway.  One step forward, two steps back.

shashi_chandran Fri, 08/16/2013 - 03:39

Here is the solution to create multiple profiles in Cisco anyconnect VPN Client.

Perform following Steps :

  • Open location :  “%ProgramData%\Cisco\Cisco AnyConnect Secure Mobility Client\Profile”
  • Open notepad and copy below text :

<?xml version="1.0" encoding="UTF-8"?>

http://schemas.xmlsoap.org/encoding/">

 

   

      username

               

               

              

               

               

               

                ssl_url

               

               

                none

               

                true

   

 

  • Edit user and hostname as required.
  • Add client certificate thumbprint ( You can get this from preferences.xml file in

C:\Users\\AppData\Local\Cisco\Cisco AnyConnect Secure Mobility Client (for Windows 7).

  • Save as xml file in same location. .
  • Restart cisco anyconnect.

* perform same steps for all the addresses(profiles) you want to create. And you will get the list of all the address in Cisco anyconnect.

Thanks,

Shashi

Actions

Login or Register to take actions

This Discussion

Posted May 11, 2012 at 6:11 AM
Stats:
Replies:5 Avg. Rating:5
Views:16180 Votes:4
Shares:0
Categories: AnyConnect
+

Related Content

Discussions Leaderboard