05-09-2016 09:24 AM - edited 02-21-2020 08:48 PM
Hi,
I'm trying to configure an ASA running 9.5.2.2 to use SNI (server name indication), so that I can have multiple certs on it.
It works if I connect to the device in the browser, but I get a certificate mismatch error with the Cisco AnyConnect Secure Mobility Client v4.2.01022.
I see this link indicating that SNI was submitted as an enhancement request prior to Anyconnect Client v3.1, but I'm wondering if it was ever implemented.
https://bst.cloudapps.cisco.com/bugsearch/bug/CSCue35947/?referring_site=bugquickviewclick
Thanks in advance,
Mike
05-09-2016 02:25 PM
When looking at a wireshark dump of an AnyConnect 4.2.03013 under MacOS and 4.2.01022 under Win 8.1 connection attempt, there is no SNI-extention visible. Doesn't seem to be implemented yet.
05-10-2016 07:33 AM
Thanks for confirming. Is there a Cisco rep listening in that can tell me if it's on the radar for a future release?
Thanks,
Mike
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide