Accepted Solutions
Hello norsar,
The reason it changes the display name from FQDN to connect (IPsec) IPv4 is because you might not have anyconnect profile correctly configured for the users.
You are on the right path by modifying the preferences.xml but this will get override once the configuration is pushed from the ASA. Thus , you can edit the client profile form the ASA and then you would not need to make changes on the client.
Please make sure the new certificate is not only installed , it is also applied on the outside interface.
Make sure you remove the older command and add it with correct trustpoint (which has the new certificate)
no ssl trust-point <trustpoint name of old certificate> outside
ssl trust-point <trustpoint name of new certificate> outside
For modifying the client profile:-
Go to Configuration> Remote Access VPN > Anyconnect Profile >
Name the profile.
Associate this anyconnect profile with the group policy assigned to the users.
You will be able to see “server list” option.
Just click on Server List, then click on ADD. Fill in the hostname of the firewall where you have “Hostname(required)” and “Host Adress” options.
Click on OK and save the configuration.
Once the profile is pushed , AnyConnect users will be able to see the hostname of the firewall and can enter the username and password to connect to the firewall.
Ref: http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect30/administration/guide/anyconnectadmin30/ac02asaconfig.html#pgfId-1111773
Regards,
Dinesh Moudgil
P.S. Please rate helpful posts.
Hello norsar,
The reason it changes the display name from FQDN to connect (IPsec) IPv4 is because you might not have anyconnect profile correctly configured for the users.
You are on the right path by modifying the preferences.xml but this will get override once the configuration is pushed from the ASA. Thus , you can edit the client profile form the ASA and then you would not need to make changes on the client.
Please make sure the new certificate is not only installed , it is also applied on the outside interface.
Make sure you remove the older command and add it with correct trustpoint (which has the new certificate)
no ssl trust-point <trustpoint name of old certificate> outside
ssl trust-point <trustpoint name of new certificate> outside
For modifying the client profile:-
Go to Configuration> Remote Access VPN > Anyconnect Profile >
Name the profile.
Associate this anyconnect profile with the group policy assigned to the users.
You will be able to see “server list” option.
Just click on Server List, then click on ADD. Fill in the hostname of the firewall where you have “Hostname(required)” and “Host Adress” options.
Click on OK and save the configuration.
Once the profile is pushed , AnyConnect users will be able to see the hostname of the firewall and can enter the username and password to connect to the firewall.
Ref: http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect30/administration/guide/anyconnectadmin30/ac02asaconfig.html#pgfId-1111773
Regards,
Dinesh Moudgil
P.S. Please rate helpful posts.
