I want to use both AAA(local) and certification methods to authenticate webVPN users.I set both in the respective clientless SSL tunnel-group and specified the outside interface using AAA(local) to authenticate, then checked the pre-fill the username from user certifacate option .
I determined an Identity certification for SSL VPN(outside interface) and user certifiacations (issued by windows 2003 CA server) are installed in the perosnal Cert folder correctly(windows OS, firefox browser). appropraite VPN usernames and passwords all exist in the local AAA database.
but, I recieved the bad MAC error when connect to VPN URL.whenever I change the authentication to AAA only it works.
We have configured the outside and inside Interface with official ipv6 adresses, set a default route on outside Interface to our router, we also have definied a rule , which also gets hits, to permit tcp from inside Interface to any6.
In Syslog I also se...