I've configured AnyConnect SSL VPN for two connections profiles which can be chosen when I try to establish connection. Following aliases has been configured for those con profiles:
the problem is that every time when I try to select the second one (Con2) from the group list it utomatically returns to the first one (con1). Generaly I am not able to choose Con2. It looks like the Con1 is the default and I can connect using only this profile. I've checked the preferences.xml and preferences_global.xml files and the default group is not configured. What is more when I change the aliases name for those connection profiles to:
I can choose only 1Con2 so it seems that only the first con prof on the list can be used. Any ideas?
Could you please check to see if there is any tunnel group lock configured in the group policy being used by CON2 profile. If it is configured for CON1 then it will force the clients to fall on the CON1 profile.
This used to work (we have ten'ish groups published) and only changes we are aware of is an upgrade of the AnyConnect client itself to 3.1.05152. We are not sure if the client upgrade triggered this as it only affected new users, so it took some time before we noticed it. Old users will default to the group they had at upgrade time, but they are not able to select another group, they return to the previous. New ones are not able to select group and returns to the first in the list.
TAC has been involved, but they found nothing special at their first attempt.
Either edit the file that exists, or create a new "Preferences.xml" based off of the above profile.
Have the user close out of the Cisco AnyConnect Client by right clicking the icon in the system tray and select “Quit”
Copy the attached xml file to the following location. C:\Users\User.Name\AppData\Local\Cisco\Cisco AnyConnect Secure Mobility Client If the directory structure does not exist, then create it “Cisco\ Cisco AnyConnect Secure Mobility Client”
Have the user Open Cisco AnyConnect and try to connect again.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :