cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
599
Views
0
Helpful
0
Replies

AnyConnect 4.2 on 10.11 and SSL VPN

h.gnad001
Level 1
Level 1

Setup: ASA 5545 runing 9.3(3)2, configured with SSL VPN, using user certificates. IPSec disabled.

Now we're trying to connect with Macs running 10.11.1 and Cisco AnyConnect Client.

What we achieved so far:

- Windows clients work fine.

- Tailored a MDM profile for iOS including root, intermediate und user certificates, works fine.

- Installed root, intermediate und user certificates into OS X keychain, both system and user (tests showed that user keychain was sufficient), could connect via https to ASA website using Google Chrome 46.0.2490.80 (prompted to select user certificate for SSL connection), Firefox 41.0.2 (needed to install user certificate in Firefox' certificate store) and sometimes with Safari 9.0.1 (reloading the page several times while getting offered the user certificate in the popup multiple times).

Anyconnect client 4.2 - no dice. Tried to install the same MDM profile that works on the iOS device, and used the AnyConnect profile from the Windows computer (got installed on Windows by visiting the ASA website) on the Mac in /opt/cisco/anyconnect/profile/

No matter what, the client reports "Connection attempt has failed due to server communication errors. Please retry the connection." Client log says:

    15:49:14    Ready to connect.

    15:49:33    Contacting enter.faroeurope.com.

    15:49:34    Connection attempt has failed.

    15:49:34    No valid certificates available for authentication.

    15:49:34    Connection attempt has failed.

Any help appreciated!

0 Replies 0