cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
721
Views
0
Helpful
0
Replies

Anyconnect using IKEV2 certificate based authentication issues

jamesholley
Level 1
Level 1

Hello all

 

I am looking to set up a new Anyconnect service on an existing ASA (9.6(4) 8).

I have an identity certificate set up on the ASA that I want to use to identify the ASA for a certain group of user laptops.

There is also another identity certifcate installed on the ASA for an existing service that uses IPSec.

The ASA is configured with a certificate in the Anyconnect Client page within ASDM. See attachment - ciscoattach1.

My issue is that when I attempt to connect with the new profile, it is failing due to it not matching the certificate in the attachment and not using the identity certificate that I created just for this profile.

Essentially it is stating - Certficate name verification has failed. It is pointing to what I want to use and what is actually configured for the firewall to use for IPSec on that interface.

So the question is, without changing the certificate in the section for Anyconnect Profiles section, can I add config so that it sees the profile of the client incoming and chooses the right certificate for IPSec authentication.

Any help on this would be gratefully appreciated.

Thanks

 

 

James

 

 

0 Replies 0