Hoping someone has some ideas here. I am using FMC Virtual appliance to manage an FTD 1010. I have configured two separate trustpoints one pointing to an internal CA and other with a paid for Trusted certifictae CA. I have the paid for trustpoint applied to outside interface. I am using certificate authentication only for the remote user vpn to support smart card access. I have accomplished the smart card connectivity using the anyconnect client however when I try to login to the webvpn portal using same smart card so that I can try to download the client software it does a one time authentication then proceeds group to log into which does not proceed further. Any ideas here.
Also I have clear pin enabled in preferences and upon a reconnect or re-establishment of the vpn I no longer receive the PIN prompt for the smart card. In order to see the pin prompt again I have to quit the anyconnect mobility client application altogether then re-connect which will then prompt for the smart card PIN.