After upgrading AnyConnect package on AS from 3.0 to 3.1 getting error that the certificate is untrusted and have to accept the certificate when trying to automatically login to the website. Is it possible to disable the strict trust setting to avoid this error?
It is strongly recommended that Strict Certificate Trust for the AnyConnect client is enabled for the following reasons:
•With the increase in targeted exploits, enabling Strict Certificate Trust in the local policy helps prevent man in the middle attacks when users are connecting from untrusted networks such as public-access networks.
•Even if you use fully verifiable and trusted certificates, the AnyConnect client, by default, allows end users to accept unverifiable certificates. If your end users are subjected to a man-in-the-middle attack, they may be prompted to accept a malicious certificate. To remove this decision from your end users, enable Strict Certificate Trust.
We recently installed a new 1GB internet circuit. When we connect directly to the router we average 900 to 950MB. When we connect the router to the outside interface of the firewall and test internet connectivity we our average spe...
I am working to configure a Cisco IOS based AnyConnect IPsec VPN. This requires us to use MSCHAPv2 and forward to an additional RADIUS system, which is Windows NPS in our environment.I have the Duo 2FA working correctly, however when the Access-Accept is ...
I have a customer that has ISE deployed and has acquired another company that has their own separate ISE deployment. The customer was wondering if we have a best practices guide to address the merging of these two separate ISE deployments into...