Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2312
Views
10
Helpful
15
Replies

Client Certificate Selection Anyconnect

Spiffyman
Level 1
Level 1

‎01-22-2024 11:28 AM

Hello,

I have a Cisco ISR 1111X-8P setup with Ikev2 ipsec vpn with certification authentication. I'm trying to get the anyconnect client to make the user chose which certificate to present to the router in order to pipe them into various internal networks. I have a profile created under C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile\myprofile.xml with the line <AutomaticCertSelection UserControllable="false">false</AutomaticCertSelection> added before my server list. This does not seem to work and windows/anyconnect will select the cert to use automatically.

Kind regards,

Euki

Labels:
15 Replies 15

Spiffyman
Level 1
Level 1
In response to Marius Gunnerud

‎01-29-2024 02:18 PM

Marius,

 

I have my xml setup as follows. Would the above go into the xml before <server list> section?

<?xml version="1.0" encoding="UTF-8"?>
<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://schemas.xmlsoap.org/encoding/AnyConnectProfile.xsd">

<ServerList>
<HostEntry>
<HostName>MyVPN</HostName>
<HostAddress>x.x.x.x</HostAddress>
<PrimaryProtocol>IPsec
<StandardAuthenticationOnly>true
<AuthMethodDuringIKENegotiation>IKE-RSA</AuthMethodDuringIKENegotiation>
</StandardAuthenticationOnly>
</PrimaryProtocol>
</HostEntry>
</ServerList>

</AnyConnectProfile>

0 Helpful
Customers Also Viewed These Support Documents