cancel
Showing results for 
Search instead for 
Did you mean: 
cancel

Anyconnect client auto connect

terry.johnson2
Beginner
Beginner

Hello

  I trying to get cisco anyconnect 4.4 client to connect at login. when away from the company.  I have starting and logging in as expected except before it finishes connecting I have to click on ok.  see attachment.  Is there a way to make it except the certificate with having to click ok.

 

Thanks for any help

1 ACCEPTED SOLUTION

Accepted Solutions

Mohammed al Baqari
VIP Advisor VIP Advisor
VIP Advisor
Try to configure certificate map to pin client certificate to tunnel-group.
In this case, it won't ask you to select the client certificate.

This is happening because you have multiple certificates in your store with
EKU as client authentication.

Otherwise, you can delete all other client certificates if you don't need
them.

For certificate maps, you can match attributes from the certificate such
as CA, Domain, etc and point it to TG. this is done from AnyConnect Profile
Editor

View solution in original post

4 REPLIES 4

Rob Ingram
VIP Expert VIP Expert
VIP Expert

Hi,

If you use the Always On option with Trusted Network detection option, this should allow the client to automatically connected when on an untrusted network (as in not the corp network). You would need to use the AnyConnect Profile Editor to configure these preferences.

 

Link here.

 

HTH

Mohammed al Baqari
VIP Advisor VIP Advisor
VIP Advisor
Try to configure certificate map to pin client certificate to tunnel-group.
In this case, it won't ask you to select the client certificate.

This is happening because you have multiple certificates in your store with
EKU as client authentication.

Otherwise, you can delete all other client certificates if you don't need
them.

For certificate maps, you can match attributes from the certificate such
as CA, Domain, etc and point it to TG. this is done from AnyConnect Profile
Editor

Thanks I did this and my problem was solved.

 

Try to configure certificate map to pin client certificate to tunnel-group.
In this case, it won't ask you to select the client certificate.  

stsargen
Cisco Employee
Cisco Employee