Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1863
Views
0
Helpful
3
Replies

Firepower 2110 will not distrubute Anyconnect client profile before user connects

Go to solution
steiostb1
Level 1
Level 1

‎02-18-2021 11:29 AM

We have Firepower 2110 running 6.7 i HA managed by FMC. Anyconnect client profile have been added to the current group policy, but new users who have not installed anyconnect before will not get the profile downloaded before after they have been connected to the FTD. Therefor every new user have to manually write in correct server address and connect, then the FTD uploads the correct profile under C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client. Before they connect there is no Profile folder here. 

 

The FTD should have uploaded the profile before the users connected? It there a setting I have missed?

 

Regards

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎02-18-2021 12:26 PM

That's the correct behaviour with FTD, and that's the same with the ASA. If the client logins to the Web portal page, it just downloads the anyconnect image - not the anyconnect profile. The user would need to at least connect to the VPN in order to download the anyconnect profile.

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Rob Ingram
VIP
VIP

‎02-18-2021 11:36 AM

@steiostb1 

The user either needs to connect to the VPN to download the connection profile or you will need to pre-deploy the profile using you network management software i.e. SCCM.

 

HTH

0 Helpful

Go to solution
steiostb1
Level 1
Level 1
In response to Rob Ingram

‎02-18-2021 12:23 PM

So this is correct behavior for the FTD? I thought the Anyconnect profile would be distributed while the client downloaded the Anyconnect application from the FTD. Is it only on ASA it works like this?

 

Thank you for the response.

0 Helpful

Go to solution
Rob Ingram
VIP
VIP

‎02-18-2021 12:26 PM

That's the correct behaviour with FTD, and that's the same with the ASA. If the client logins to the Web portal page, it just downloads the anyconnect image - not the anyconnect profile. The user would need to at least connect to the VPN in order to download the anyconnect profile.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card