06-12-2012 02:24 AM
Hi,
We got Certificate to Connection profile Maps because iOS VPN configuration doesn't specify tunnel group.
So if certificate issuer is our Enterprise CA, connection is mapped to Connection Profile "iOS". It works great.
Now, we want an other connection profile for Windows 7 with AnyConnect: "Windows"
On "Windows" Connection profile, I configured a group URL : https://vpn.mycompany.com/Windows
I used the command "Tunnel-group-preference group-url" to let groupe URL take precedence if groupe URL and certificate map match different connection profiles.
On AnyConnect, I tried to connect to : "vpn.mycompany.com/Windows"
Certificates on Windows 7 are still issued by our Enterprise CA.
AnyConnect with Windows 7 is mapped to "iOS" Connection Profile.
Why is it not mapped to "Windows" following the group-url?
Cisco ASA version is 8.4.2.
Thanks for your help,
Patrick