Hello,
I'm trying to connect to an unsecured server (with a self signed certificate) using Cisco AnyConnect Secure Mobility Client (version 3.1.00495).
In a test server with x-window installed thus using anyconnect gui I'm able to establish the connection, but when I try to use the cli I can not.
The problem, I think, is that when the vpn client tries to download the connection configuration, it doesn't ask for certificate acceptance (as it does in the initial connection).
This is what happens:
VPN> block 0
block 0
>> Sucessfully updated preference to allow for untrusted servers
VPN> connect xxx.xxx.xxx.xxx/proj
connect xxx.xxx.xxx.xxx/proj
>> contacting host (xxx.xxx.xxx.xxx/proj) for login information...
>> notice: Contacting xxx.xxx.xxx.xxx/proj.
VPN> AnyConnect cannot verify the VPN server: xxx.xxx.xxx.xxx
- Certificate is from an untrusted source.
Connecting to this server may result in a severe security compromise!
Most users do not connect to untrusted VPN servers unless the reason for the error condition is known.
Connect Anyway? [y/n]: y
Always trust this VPN server and import the certificate? [y/n]: n
>> Please enter your username and password.
Username: USER
Password: PASS
>> notice: Please respond to banner.
VPN>
...
UNAUTHORISED ACCESS IS PROHIBITED BY LAW!
accept? [y/n]: y
>> state: Connecting
>> notice: Establishing VPN session...
The AnyConnect Downloader is analyzing this computer. Please wait...
The AnyConnect Downloader is performing update checks...
>> notice: Checking for profile updates...
>> notice: Checking for product updates...
Failed to get configuration because AnyConnect cannot confirm it is connected to your secure gateway. Contact your system administrator.
>> error: AnyConnect was not able to establish a connection to the specified secure gateway. Please try connecting again.
>> notice: Connection attempt has failed.
>> state: Disconnected
Is there any way to correct this so I can establish the connection via cli?
Thanks in advance.
