Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
Community Member

ASA anyconnect odd certificate behaviour

I am noting what seems to be odd behaviour and wondering if anyone else is noticing this or has an explaination.  I have created five vpn portals on an ASA -- three web based and they are set to use the AAA for authentication and two anyconnect VPN client portals using AAA plus client certificate. 

When I set up the three web portals the behaviour is as expected -- authentication takes place no problem.  However when I turned on the both AAA and certificate for the two vpn client portals the web portals started requesting client certificates as well although in their settings it only requires AAA.  I want to be able to give our road warriors the possibility to connect to the web based portal using two factor authentication (which works) but force the full layer three to include a client cert.  But not require the client cert on the web only. 

Has anyone else seen this behaviour and is it a bug in the ADSM  -- I don't really understand the problem here.



CreatePlease to create content