Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
591
Views
0
Helpful
1
Replies

Anyconnect client predeploy with IPSEC Only profile

matthew.sodano
Level 1
Level 1

‎06-13-2014 06:56 AM - edited ‎02-21-2020 07:41 PM

Hello,

 

I seem to not be able to get an answer out of the TAC on this, I have an application where by I need to predeploy the anyconnect client for use with an ASA 5550, and I am not able to get it to work. The profile must be IPSEC only, there cannot be any https/SSL used at all for connection, discovery, setup or anything. https/ssl is blocked by default inbound, and having it changed is difficult. How can I create a VPN profile that does this, and copy it to a user system, along with teh Anyconnect client install. I am able to create and use a profile for the old Cisco VPN client.

 

Thanks in advance--Matt

Labels:
0 Helpful
1 Reply 1

Marvin Rhoads
Hall of Fame
Hall of Fame

‎06-13-2014 07:36 AM

You'd have to disable client services for the connection profile. It would prevent you from pushing any profile updates, AnyConnect updates etc., but it will still work if you already have the desired AnyConnect software and profile on your clients.

Most importantly, the pre-deployed profile will need to denote:

     <PrimaryProtocol>IPsec</PrimaryProtocol>

This will allow you to follow the procedure in this document while skipping the bits about using SSL for the initial profile deployment (and subsequent updates).

0 Helpful
Customers Also Viewed These Support Documents