08-15-2018 10:33 AM - edited 03-12-2019 05:29 AM
Hello
I am trying to get the Cisco AnyConnect 4.4 client to connect at login when away from the company. I have it starting and logging in as expected, except before it finishes connecting I have to click on OK. See attachment. Is there a way to make it accept the certificate without having to click OK?
Thanks for any help
08-16-2018 12:45 AM
08-15-2018 01:55 PM
Hi,
If you use the Always On option with the Trusted Network Detection option, this should allow the client to automatically connect when on an untrusted network (as in not the corp network). You would need to use the AnyConnect Profile Editor to configure these preferences.
Link here.
HTH
08-16-2018 12:45 AM
09-10-2018 05:32 AM
Thanks, I did this and my problem was solved.
Try to configure certificate map to pin client certificate to tunnel-group.
In this case, it won't ask you to select the client certificate.
08-17-2018 12:59 PM
Hi,
The dialog in the screenshot is for tunnel group selection, and not certificate selection. In your case you have multiple tunnel groups configured on the headend so AnyConnect needs to prompt you to select one. If you have auto-cert selection enabled and you click on the "OK" button, AnyConnect will send all certificates in the store (machine/user) depending on profile configuration until one works, or you run out of certs.
If you want to avoid the tunnel group selection you could use a group URL in the profile to bypass this dialog and be sent directly to the tunnel group specified. If you want to specify a single certificate to send you can add a cert match rule to your profile.
As for forcing a connection when off of the corporate network, you could use Trusted Network Detection with or without Always On functionality, as mentioned by Mohammad.
Steve S.
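The three profile settings named in the answers above (a group URL, a cert match rule, Trusted Network Detection) can be checked in a deployed profile before it is pushed to clients. This is an added example, not code from the thread or from Cisco; the profile is constructed, `vpn.example.com`, `employees` and the CA name are placeholders, and it assumes the element names used in AnyConnect profile XML, where `UserGroup` is appended to `HostAddress` to form the group URL.

```python
import xml.etree.ElementTree as ET

NS = {"ac": "http://schemas.xmlsoap.org/encoding/"}
# Constructed sample profile; host, group and CA names are placeholders.
SAMPLE_PROFILE = """<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/">
  <ClientInitialization>
    <AutomaticVPNPolicy>true
      <TrustedDNSDomains>corp.example.com</TrustedDNSDomains>
      <TrustedNetworkPolicy>Disconnect</TrustedNetworkPolicy>
      <UntrustedNetworkPolicy>Connect</UntrustedNetworkPolicy>
    </AutomaticVPNPolicy>
    <CertificateMatch>
      <DistinguishedName>
        <DistinguishedNameDefinition Operator="Equal" Wildcard="Disabled">
          <Name>ISSUER-CN</Name>
          <Pattern>Example Corp Issuing CA</Pattern>
        </DistinguishedNameDefinition>
      </DistinguishedName>
    </CertificateMatch>
  </ClientInitialization>
  <ServerList>
    <HostEntry>
      <HostName>Corp VPN</HostName>
      <HostAddress>vpn.example.com</HostAddress>
      <UserGroup>employees</UserGroup>
    </HostEntry>
  </ServerList>
</AnyConnectProfile>"""

def audit_profile(xml_text):
    """Return findings for the settings discussed in the thread (empty list = none)."""
    root = ET.fromstring(xml_text)
    findings = []
    for host in root.findall("ac:ServerList/ac:HostEntry", NS):
        name = host.findtext("ac:HostName", default="?", namespaces=NS)
        if not host.findtext("ac:UserGroup", default="", namespaces=NS).strip():
            findings.append(f"{name}: no UserGroup, tunnel group prompt can appear")
    init = root.find("ac:ClientInitialization", NS)
    if init is None or init.find("ac:CertificateMatch", NS) is None:
        findings.append("no CertificateMatch rule, every stored certificate may be tried")
    policy = init.find("ac:AutomaticVPNPolicy", NS) if init is not None else None
    if policy is None or (policy.text or "").strip().lower() != "true":
        findings.append("AutomaticVPNPolicy off, no Trusted Network Detection")
    elif policy.findtext("ac:UntrustedNetworkPolicy", default="", namespaces=NS).strip() != "Connect":
        findings.append("UntrustedNetworkPolicy is not Connect, no auto-connect off the corporate network")
    return findings

if __name__ == "__main__":
    print(audit_profile(SAMPLE_PROFILE) or "no findings")
```

For the group URL to bypass the dialog, the headend tunnel group needs a matching group URL configured as well; the profile entry alone only sets what the client requests.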