cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
298
Views
0
Helpful
1
Replies
WonderfulIT
Beginner

DART on Anyconnect Certificate issue

Hi all,

 

I've just configured Anyconnect on an ISR4431 and when i go to connect it shows as failed as "no valid certificates available for authentication" but i'm struggling to find where in the DART package it will tell me why ? There seems to be a lot of information here but i've not used DART before so unsure which part to check ?

When i first tried to connect FYI it says Certificate does not match the server name and is from an untrusted source however it DOES match the name and i've imported it into the local PC cert store.

 

If someone could advise ?

 

Thanks

 

Ian

1 REPLY 1
Pablo
Cisco Employee

That error message can be misleading sometimes, a couple of important things to check:

 

The cert can’t be self-signed, it must be issued by a public or private CA.

 

The cert’s subject name needs to match exactly what you defined in your XML profile <HostAddress>vpn.blah.com</HostAddress>

 

If the IOS-XE running is older than 16.9.1, make sure you set the BypassDownloader to ‘true’ on your profile.

 

IOS-XE FlexVPN with Anyconnect

 

 

Content for Community-Ad