cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2238
Views
0
Helpful
1
Replies

ASDM AnyConnect Profile: Host with port

kristianbonde_2
Level 1
Level 1

ASA5510 with ASDM6.3

Anyconnect is working fine. We allready had a certificate for our external IP adress so we specified AnyConnect to use a different port and bought a certificate for that.

Ive created a XML profile to be pushed to the clients. The problem is that it will not accept or push the port specified so when the client connects it connects to x.x.x.x and therefor getting the wrong certificate instead of connecting to x.x.x.x:442.

If I disable the profile and write x.x.x.x:442 manually in the client it works and I get the right certificate and connects..

What can I do to make the client read the XML file with a port?

XML file:

<?xml version="1.0" encoding="UTF-8"?>

<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://schemas.xmlsoap.org/encoding/ AnyConnectProfile.xsd">

<ClientInitialization>

<UseStartBeforeLogon UserControllable="true">true</UseStartBeforeLogon>

<AutomaticCertSelection UserControllable="true">false</AutomaticCertSelection>

<ShowPreConnectMessage>false</ShowPreConnectMessage>

<CertificateStore>All</CertificateStore>

<CertificateStoreOverride>false</CertificateStoreOverride>

<ProxySettings>Native</ProxySettings>

<AutoConnectOnStart UserControllable="true">true</AutoConnectOnStart>

<MinimizeOnConnect UserControllable="true">true</MinimizeOnConnect>

<LocalLanAccess UserControllable="true">false</LocalLanAccess>

<AutoReconnect UserControllable="false">true

<AutoReconnectBehavior UserControllable="false">DisconnectOnSuspend</AutoReconnectBehavior>

</AutoReconnect>

<AutoUpdate UserControllable="false">true</AutoUpdate>

<RSASecurIDIntegration UserControllable="false">Automatic</RSASecurIDIntegration>

<WindowsLogonEnforcement>SingleLocalLogon</WindowsLogonEnforcement>

<WindowsVPNEstablishment>LocalUsersOnly</WindowsVPNEstablishment>

<AutomaticVPNPolicy>false</AutomaticVPNPolicy>

<PPPExclusion UserControllable="false">Disable

<PPPExclusionServerIP UserControllable="false"></PPPExclusionServerIP>

</PPPExclusion>

<EnableScripting UserControllable="false">false</EnableScripting>

<BackupServerList>

</BackupServerList>

<EnableAutomaticServerSelection UserControllable="true">false

<AutoServerSelectionImprovement>20</AutoServerSelectionImprovement>

<AutoServerSelectionSuspendTime>4</AutoServerSelectionSuspendTime>

</EnableAutomaticServerSelection>

<RetainVpnOnLogoff>false

</RetainVpnOnLogoff>

</ClientInitialization>

<ServerList>

<HostEntry>

<HostName>Ardo</HostName>

<HostAddress>X.X.X.X:442</HostAddress>

<UserGroup>SSL_Users</UserGroup>

</HostEntry>

</ServerList>

</AnyConnectProfile>

1 Reply 1

kristianbonde_2
Level 1
Level 1

hmm funny..

I´ve tested this:

    

          Ardo

                1.0.0.0

                      

                               X.X.X.X:442

                      

    

When I test this it lets me know that 1.0.0.0 doesnt work but it will try x.x.x.x:442... and then it connects!

Now why doesnt it use the port when I do this!? :

    

          Ardo

                x.x.x.x:442