I set up a cisco ASA 5505 for remote access using Cisco AnyConnect Secure Mobility Client.
The clientsoftware is installed on Windows 7 machines
Only IPsec is enabled for access, using (ASA)local userdatabase and certificate (company CA enrolled the certificates).
When in the client profile "Certificate Store" "All" is selected I can connect to the ASA and choose a certificate I want to use to connect. Even when I choose my machine certificate a connection will be established.
Now I set Certificate Store to "Machine".
At this point it is no longer possible to connect to the ASA. I get the error: "certificate validation failure".
"Certificate Store Override" is enabled.
What do I need to do or configure to make it possible that users can only connect using a machine certificate?
The setting "All" in Certificate Store is not acceptable.