AnyConnect Secure Mobility Client - using incorrect profile
I am working on a test configuration on an ASA 5545 with a single configured Connection Profile "VPN" (and the two default DefaultRAGroup and DefaultWEBVPNGroup)
"VPN" Connection Profile is the only one enabled for SSL. The other two are not enabled.
"VPN" uses RSA, so the authentication dialog says "Passcode" instead of "Password".
If I set "Allow user to select connection profile on the login page", the correct Connection Profile is displayed in the list an there is no alternative in the list. When I select Connect I am prompted for Username and Passcode as expected. This works.
If I do not set "Allow user to select connection profile on the login page" the client does not display a list. This is our desired config. When you select Connect, you are prompted for Username and Password, not Passcode. Authentication fails with password and passcode.
So even though I only have one Connection Profile, it doesn't appear to use it unless I display it in the client.
The behavior is the same with the client or going to the web page.
Any idea how I can force "VPN" Connection Profile as the default and not display it to the end-users?
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...