We've setup anyconnect with Machine certificate only authentication. We've got a few profiles on the ASA.
The users hit the correct connection profile only when the option to select the connection profile is enabled.
If I disable that option and update my anyconnect client profile server list with the fqdn and associated group-alias it doesn't hit the correct connection profile, instead it goes to the default connection profile where it prompts a username/password.
Not sure what I am missing, ASA 9.18 anyconnect 4.10