Hi all
I've just deployed AnyConnect for a customer and presently running v3.1.0578. I've got the core VPN and NAM modules installed and everything is otherwise OK. However, the customer has recently just notified me that they are unable to connect to the guest wifi at a particular site which is built on Cisco WLC. As far as I can tell, the web auth https page for guests to sign in is using certain (perhaps default) Cisco cert. NAM shows an IP address has been assigned quite alright but then the web auth page fails to launch. Using the same endpoints on other pubic hotspots (also with https web auth page) work just fine. Only difference I can tell is that the endpoints have no Cisco root/intermediate certs in their machines stores while the other public web auth pages use certs signed by public CAs.
Is this a known (perhaps documented) feature as I know there are stricter certificate checks in newer versions of AC but I thought those were purely around clients authenticating to the gateway? I got DART bundles taken just after the issue was reproduced and all I can see in the AC events log is a message saying the socket was closed by the OS or a remote peer.
Thanks in advance
Sayre