About Pavan Gundu

Pavan Gundu · 04-23-2024

What kind of authentication method is set on the headend, is it Certificate based or AAA + Certificate based or SAML + Certificate based?

Pavan Gundu · 04-20-2024

Have you collected DART and checked if there is anything wrong there? You can share the DART bundle here for people to analyze if you are comfortable with it.

Pavan Gundu · 04-20-2024

Run a packet tracer on outside to any of the unused AnyConnect pool ip and 8.8.8.8 to see what are the phases the packet is going through, and check if your NAT exempt is being hit.

Pavan Gundu · 03-26-2024

Please post the entire packet tracer output. Also, re-verify if you have any overlapping crypto acl.

Pavan Gundu · 03-26-2024

1. You need to have the issuer certificate (the one who signed the user certificate) enrolled in FMC (Devices -> Certificates) 2. Use Certificate authentication in connection profile.

Member Since	‎05-25-2022 10:31 PM
Date Last Visited	‎10-07-2024 09:46 AM
Posts	71
Total Helpful Votes Received	20

User Statistics

User Activity

Re: About Errors When Connecting to [anyconnect VPN]

Re: PKCS12 (PFX) without a supplied password error

Re: No internet using Anyconnect with tunnellall options

Re: Site-to-Site VPN Cisco ASA with MX Meraki only one way

Re: FMC/FDT RA VPN CertAuth + windows CA