01-13-2015 05:46 AM - edited 02-21-2020 08:01 PM
All,
I need to change the URL that AnyConnect clients connect with and I'm looking for the easiest way of doing so without requiring clients to manually change the URL on their existing installations. This will also include going from a self-signed SSL cert on the old address to a publicly signed SSL on the new address. Could I use AnyConnect client profiles to do this even though I'm not using profiles at all now? Basically saying anyone connecting with the old address are somehow automatically forwarded to the new address.
Solved! Go to Solution.
01-13-2015 07:43 PM
I believe you could use a profile and make your server list refer to the FQDN and not the IP address.
Once clients had connected and their local profiles update to include the FQDN, your DNS record pointing to the new address would direct them to the desired place.
Here's where that's set in Profile Editor:
http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect31/administration/guide/anyconnectadmin31/ac03vpn.html#pgfId-1798377
01-13-2015 07:43 PM
I believe you could use a profile and make your server list refer to the FQDN and not the IP address.
Once clients had connected and their local profiles update to include the FQDN, your DNS record pointing to the new address would direct them to the desired place.
Here's where that's set in Profile Editor:
http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect31/administration/guide/anyconnectadmin31/ac03vpn.html#pgfId-1798377
01-22-2015 06:53 AM
I was going down that path but was able to go ahead and buy an SSL cert anyway...so that solved my immediate problem. I'm going to look at using client profiles in the future to make these kinds of changes a little easier though.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide