Failed to download profile.xml. A VPN connection cannot be established.

moshiplus · ‎05-21-2019

hello .

I create a new ocserv server that i can connect to it with open connect client but i cant connect to it using AnyConnect client . it has error

Failed to download profile.xml. A VPN connection cannot be established.

this is

profile.xml

located at

/etc/ocserv/

that it contents is :

<?xml version="1.0" encoding="UTF-8"?>
<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://schemas.xmlsoap.org/encoding/ AnyConnectProfile.xsd">
 
<ClientInitialization>
<AutoUpdate>true</AutoUpdate>
<BypassDownloader>true</BypassDownloader>
<UseStartBeforeLogon>false</UseStartBeforeLogon>
<StrictCertificateTrust>false</StrictCertificateTrust>
<RestrictPreferenceCaching>false</RestrictPreferenceCaching>
<RestrictTunnelProtocols>IPSec</RestrictTunnelProtocols>
<CertEnrollmentPin>pinAllowed</CertEnrollmentPin>
<CertificateMatch>
<KeyUsage>
<MatchKey>Digital_Signature</MatchKey>
</KeyUsage>
<ExtendedKeyUsage>
<ExtendedMatchKey>ClientAuth</ExtendedMatchKey>
</ExtendedKeyUsage>
</CertificateMatch>
</ClientInitialization>
 
<ServerList>
<HostEntry>
<HostName>Server Profile Name</HostName>
<HostAddress>MY SERVER IP ADDRESS</HostAddress>
</HostEntry>
</ServerList>
</AnyConnectProfile>

and my

ocserv.conf

refer to this profile.xml in this manner :

user-profile = /etc/ocserv/profile.xml

whats wrong with that ??

please please help me .

Marvin Rhoads · ‎05-21-2019

Anyconnect Secure Mobility Client software is not supported with non-Cisco servers as the headend.