Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
760
Views
0
Helpful
1
Replies

AnyConnect Trusted Network Detection

rjadhav163
Level 1
Level 1

‎03-07-2017 02:24 AM - edited ‎02-21-2020 09:11 PM

Hi Everyone,

we are using always on functionality with TND using secure SSL Servers. I have following questions:

1. I can enter several URLs and the hashes get generates. Does AnyConnect try to connect to servers from top to bottom in the list. That means if first server is not available then it goes to next?

2. How does the hash comparison exactly work? I mean, a user is connected to VPN in an "Untrusted Network". Then he "walks into" a trusted lets say WLAN Network with his laptop. Then will his laptop connect to the "Trusted Server" mentioned in XML Profile automatically and then compare the hash of the certificate presented by the server to the hash mentioned in the XML?

3.  Is the certificate validity checked? I mean, if the certificate on the "Trusted Server" has expired but still this "Trusted Server" presents that certificate to the client that walked into trusted network, then will it still work since the hash will match?

Thanks and Regards,

R

1 person had this problem
Labels:
0 Helpful
1 Reply 1

rjadhav163
Level 1
Level 1

‎03-16-2017 12:51 AM

Anyone??

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents