AnyConnect client behind firewall refuses VPN connection due to invalid certificate
My computer is behind a Sophos firewall that has HTTPS decryption / scan enabled. Now my Cisco AnyConnect client refuses to connect to the VPN (the VPN of my university) because the certificate on the secure gateway is invalid. I've got a .pem file with the certificate, which I have installed in my macOS keychain and for the browsers I use. Since I think the VPN connection is refused because AnyConnect isn't aware of this certificate: how can I install it on macOS? I would much appreciate any answers or hints.
I haven't practically done this; however, ideally, if the Sophos cert is trusted by your AnyConnect machine and the ASA cert is trusted by the Sophos firewall, then the SSL handshake should work, given that the cipher suites are also in line.
You could do the above and then check.
Also, SSL AnyConnect needs TCP and UDP 443 to be able to talk to the ASA.
You can take a packet capture and see if the SSL handshake goes through or not.
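The trust condition described in the answer can be checked from the client by looking at who actually signed the certificate received on TCP 443. The script below is an added example, not part of the original thread: it builds constructed certificates (the names "Constructed Inspection CA", "Constructed University CA" and vpn.example.edu are assumptions) and uses openssl to test whether a leaf certificate was re-signed by a given inspection CA.

```shell
#!/bin/sh
# Added example: decide whether a gateway certificate was re-signed by a
# given inspection CA. All names and certificates below are constructed.
# On a real client the presented certificate could be saved with (HOST is a placeholder):
#   openssl s_client -connect HOST:443 -servername HOST </dev/null 2>/dev/null \
#     | openssl x509 -out presented.pem

# Print a certificate's issuer or subject DN in RFC 2253 form.
dn() {  # dn issuer|subject FILE
    openssl x509 -in "$2" -noout -nameopt RFC2253 "-$1" | sed "s/^$1= *//"
}

# Succeeds (exit 0) only if LEAF names CA as its issuer and CA's key signed it.
resigned_by() {  # resigned_by LEAF_PEM CA_PEM
    [ "$(dn issuer "$1")" = "$(dn subject "$2")" ] &&
        openssl verify -CAfile "$2" "$1" >/dev/null 2>&1
}

# Build constructed test material: a CA named $2 and a leaf for $3, files under prefix $1.
make_pair() {  # make_pair PREFIX CA_CN LEAF_CN
    openssl req -x509 -newkey rsa:2048 -nodes -days 1 -subj "/CN=$2" \
        -keyout "$1-ca.key" -out "$1-ca.pem" 2>/dev/null &&
    openssl req -newkey rsa:2048 -nodes -subj "/CN=$3" \
        -keyout "$1-leaf.key" -out "$1-leaf.csr" 2>/dev/null &&
    openssl x509 -req -in "$1-leaf.csr" -CA "$1-ca.pem" -CAkey "$1-ca.key" \
        -CAcreateserial -days 1 -out "$1-leaf.pem" 2>/dev/null
}

WORK=$(mktemp -d)
# "proxy": what the client sees when the firewall decrypts and re-signs.
make_pair "$WORK/proxy" "Constructed Inspection CA" "vpn.example.edu"
# "origin": what the gateway presents when traffic is not intercepted.
make_pair "$WORK/origin" "Constructed University CA" "vpn.example.edu"

for leaf in proxy origin; do
    if resigned_by "$WORK/$leaf-leaf.pem" "$WORK/proxy-ca.pem"; then
        echo "$leaf leaf: issued by $(dn subject "$WORK/proxy-ca.pem") (intercepted)"
    else
        echo "$leaf leaf: issuer is $(dn issuer "$WORK/$leaf-leaf.pem") (not re-signed)"
    fi
done
```

If the certificate saved from the real gateway turns out to be issued by the firewall's CA, the client is validating the firewall's re-signed certificate rather than the gateway's own.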