cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1833
Views
5
Helpful
5
Replies

Cisco ASA, redirect Anyconnect SSL VPN to new address/url

sharlino
Level 1
Level 1

Hello!

We have changed our ASA's DNS name from vpn-1.old-domain.com to vpn-1.new-domain.com. A connection profile in a user PC contains the old one VPN host: vpn-1.old-domain.com. So, due to connection there will be an SSL cert error displayed, such as SSL_ERROR_BAD_CERT_DOMAIN like in the Firefox.

Can ASA do redirect Anyconnect SSL VPN connection from old DNS to the new one ? Maybe there is another more straight, correct way ?

ASA version is 9.6(2)13

1 Accepted Solution

Accepted Solutions

Marvin Rhoads
Hall of Fame
Hall of Fame

Sorry but you cannot do redirection like that using the ASA.

If you simply instruct users to use the new-domain address by typing it manually the first time they connect anew, the ASA should detect that the client needs a new profile and automatically download it.

View solution in original post

5 Replies 5

Marvin Rhoads
Hall of Fame
Hall of Fame

Sorry but you cannot do redirection like that using the ASA.

If you simply instruct users to use the new-domain address by typing it manually the first time they connect anew, the ASA should detect that the client needs a new profile and automatically download it.

Thanks Marvin. So, it is a common practise and the only solution to instruct users in such a case ? There is no centralized, transparent solution at all ?

Cisco doesn't provide any such solution. It could be argued that if any such thing were able to be done transparently (i.e., without user acklnowledgement of the new domain) that it could be the opposite of secure.

If a user is going to old-domain and providing credentials that are instead being intercepted and processed by new-domain how would that differ from a malicious third party doing something similar?

From that point of view I agree with your thoughts. Thank you )

You're welcome. 

Please mark your question as answered if it has been.