Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
773
Views
10
Helpful
1
Replies

CSCvh07595 - FDM VPN AnyConnect profile with CertificateStoreMac XML tag is not supported

mikael.dautrey
Spotlight
Spotlight

‎03-03-2020 10:34 PM

Trying to use anyconnect profil editor to build an anyconnect profil XML file that will be deployed on ASA FTD.

FTD version :  6.2.x

Anyconnect editor version : tools-anyconnect-win-4.8.01090-profileeditor-k9

 

You can't load the xml profile using the FDM web gui because the file format is not accepted. You have to edit the XML file manually and comment or delete the following fields :

<SuspendOnConnectedStandby>
<LinuxLogonEnforcement>
<LinuxVPNEstablishment>
<MatchOnlyCertsWithKU>
<RetainVpnOnLogoff>
<CaptivePortalRemediationBrowserFailover>

 

Incidentally, the xml schema is not versionned and not accessible whereas it should :

xsi:schemaLocation="http://schemas.xmlsoap.org/encoding/ AnyConnectProfile.xsd"

 

 

IT Infrastructure deployer
Security practicioner
Spare time devops
1 person had this problem
Labels:
1 Reply 1

BryanPluta0075
Level 1
Level 1

‎03-30-2020 10:28 AM

I seem to be having the same problem with FTD 6.2.3 and AnyConnect editor 4.7. Any idea which lines need to be deleted for that version of the AnyConnect editor? It still says invalid when I remove the lines outlined in the workaround. 

Customers Also Viewed These Support Documents