Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3789
Views
20
Helpful
5
Replies

issue with Anyconnect Profile Editor

ciscoworlds
Level 4
Level 4

‎11-14-2016 03:10 AM - edited ‎03-11-2019 12:13 AM

Hi;

first of all, I want to create a new profile on Anyconnect NAM Profile editor and while saving the following error appears and doesn't let me to save the profile:

 

I searched the Internet and found some same issues with recommendations to recreate the pre-shared keys. but I didn't create any pre-shared keys or even didn't write any credentials while creating the profile with NAM Profile editor. 

besides, I have some questions regarding the Anyconnect. 

1. I know that the Profile Editor gives extensive control to us while creating the profiles than the Anyconnect NAM module. so do we need to use the profile editor on every user computer and have them to create a profile? I think there should be a way to create a profile and deploy it automatically on client machines. am I right?

2. I've imported a root CA certificate to my PC through web browser HTTPS/TLS Certificate section. but It does not appear on my Windows Certificate console under Trusted Root Certificates. are they different? I think I need to import Root CA again to the Windows Certificate Store through either of the Anyconnect Profile Editor or Windows MMC console. I appreciate any response. 

Labels:
0 Helpful
5 Replies 5

Marvin Rhoads
Hall of Fame
Hall of Fame

‎11-14-2016 07:15 PM

Did you perhaps use a special character (non-ascii) somewhere in your profile?

re your other questions...

1. Certainly - 99% of AnyConnect profiles are deployed thus. One can use any enterprise software deployment tool (SCCM, GPOs, LANdesk, etc.).

2. When you import a certificate you can accept the default location or specify which store you want to put it into. Sounds like you did the former. AnyConnect or its profile editor cannot import a certificate into a store. MMC and/or GPOs etc can.

0 Helpful

ciscoworlds
Level 4
Level 4
In response to Marvin Rhoads

‎11-14-2016 10:53 PM

Hi;

I didn't setup any username/password while creating a profile using NAM Profile Editor. as you know, I just clicked Add, Select User Authentication and the PEAP, and then chose the root certificate which has been saved on my computer and then clicked Finish. no any entry or character has been entered during this process. after attempting to save, the same error displayed and didn't let me to save the profile! 

0 Helpful

tauk
Level 1
Level 1

‎10-31-2020 12:04 PM

My problem and solution:
Problem:
I create a profile in the "profile editor" and when I try to save -> It throws the error - "Unable to sign and write the profile".

Solution:

By default it saves in the following hidden folder
C:/ProgramData\Cisco\Cisco Anyconnect secure mobility client\ Network Access Manager \ newConfigFiles

For some reason, I wasn't able to save and was getting the error.

I saved it to my desktop and manually copied it over to the above folder. Went into CiscoAnyconnect -> RightClick -> Repair and now could now see the new profile.
Also observed that the file moved from:

C:/ProgramData\Cisco\Cisco Anyconnect secure mobility client\ Network Access Manager \ newConfigFiles

to

C:/ProgramData\Cisco\Cisco Anyconnect secure mobility client\ Network Access Manager \ system

 

HTH

0 Helpful

Andrii Oliinyk
VIP
VIP
In response to tauk

‎10-04-2021 10:25 AM

i'm beating my head on table - it doesnt work for me. instead configuration.xml gets renamed into configuration_bad.xml & stays in newConfigFiles . i didnt had such a horrible experience for years.

 

Customers Also Viewed These Support Documents