I've setup Anyconnect VPN services with multiple groups. A few groups for corporate users and a few vendors. All but one is working correctly. I have a vendor that was already using Anyconnect for their own corporate connections. I had them login to pickup the policies from our ASA. The version they were using and our version are the same (3.1.05152). The problem is that when they try connecting to us they're not able to change logon groups. They don't even get an option to use the pull down menu. It just stuck on the first entry. I believe it must be with the policies previously set on their client from their corporate policy.
Has anyone ran into this issue and found a way to fix it?
If you manually copy the profile file from your ASA (___.xml file - should be on disk0:) to their client workstation in the proper directory (listed here - varies by OS), their AnyConnect client should see it and allow them to choose it. (It will require an AnyConnect restart to parse the xml profiles in the directory.)
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...