Hi Team, Customer has a used case where they do not want the remote users of their organization ever get a chance to un-install / tamper with the AnyConnect Client, when Always on VPN feature is configured for them. The Laptops where Anyconnect Clients will be installed might have Admin Rights with users as well. While AD will be used to have limit on the security on the Software, customer also wants some tamper free solution for the client, so that users do not get a chance to tamper with the client installation; might be a Password to Protect from Uninstall, or some hidden registry settings etc etc. Any pointers on this will be helpful. Nilanjan ... View more

Hi All, In one my customer premises, there is ASA 5520 with 8.2 version. Customer wants to use Always on VPN solution for their mobile clients. This is a POC situation and things are not working. We have selected Self Certificate for this POC as of now. The below is the errors captured from the client device (WIndows Based Lappy), Certificate is downloaded and made "trusted" as of now. Please help with similar known issues with probable solutions. Error Seen at Client End: [19-11-2013 20:31:46] VPN Connecting [19-11-2013 20:31:46] Contacting ITC-POC-VPN.ITC.IN. [19-11-2013 20:31:46] Processing CRLs... [19-11-2013 20:31:47] Connection attempt has failed. [19-11-2013 20:31:47] AnyConnect cannot confirm it is connected to your secure gateway.  The local network may not be trustworthy.  Please try another network. [19-11-2013 20:33:47] VPN Connecting [19-11-2013 20:33:47] Contacting ITC-POC-VPN.ITC.IN. [19-11-2013 20:33:47] Processing CRLs... [19-11-2013 20:33:48] Connection attempt has failed. [19-11-2013 20:33:48] AnyConnect cannot confirm it is connected to your secure gateway.  The local network may not be trustworthy.  Please try another network. Thanks in Advance... I can share other inputs if required. ... View more