I have an ASA setup with Anyconnect for VPN Phone. The setup works great on comcast but for some reason the phone fails on FiOS and we cannot figure out why. I typed the url the phone uses into a web browser: https://< ip address of ASA>/VPN_PHONE and I was returned a bad url of : https://< ip address of ASA>/+CSCOE+/wrong_url.html. This only happens on FiOS (we tested it on more then one location with same results.) On all comcast and verison internet services the phone works fine. Any suggestions or directions I should go in?
Also when connecting a phone at home if it sees a tftp server it immediatly tries to register and never goes into vpn mode unless the tftp address in network settings is modified to a bad address. Anyone know how to get around that?
Maybe a packet capture from the source and the ASA might shed some light on why FIOS is failing. As for the phone not establishing the VPN, the phone when using auto detect for the VPN will try and ping (ICMP) the IP address of the configured TFTP server on the phone. If it gets a response it assumes it's internal and does not start up the VPN. I would think that this should only be a problem if the TFTP IP is a common home use address like 192.168.1.1.
I'll have to look into the packet capture. As far as the tftp you are right on the money. The tftp address is usually 192.168.1.1 which is pingable so the phone constantly tries to register and you have to manually give it a bad tftp address so it goes into VPN mode.
You have reached the Cisco Logistics Support Center.. To Check Status of
your RMA, visit Product Returns & Replacements (RMA). Need help? Contact
us by Phone or Email. North Americas Phone: 1800 553 2447 Option 4
Email: firstname.lastname@example.org Europe Phone: +3...
The short answer is that you don't.... That isn't entirely true while at
the same time it kind of is, but for the most part you don't configure
the softkeys. You enable or disable them via TCL. Here is the long
answer. Be sure to read the whole thing or e...
Topology: IP Phone > Switches > Microsoft NPS setup to forward 802.1x
proxy to > ISE 2.1 patch 3 Authentication: EAP-TLS using Cisco MIC SANs
Phone Models 802.1X support? 802.1x flavor Addtl Comment EAP-MD5 EAP-TLS
Cisco 3905 Y Y N Cisco 6911 Y Y N Cisco ...