Hello,

I would like to ask about info whether anybody has functional management tunnel with Start Before Logon at FTD managed via FMC.

I migrated configuration from ASA to FTD and one of required functionality is management tunnel. With automatic conenction before user logon. It does not work to me. I have this behaviour :

computer is able to connect to old ASA before user logon (for old and new environment is used the same CA),

computer is able to connect to FTD after user logon and management tunnel is stable,

computer connects to FTD before user logon, but connection terminates with reason user requested :

22.06.2022 11:28:40 <167>%FTD-7-725017: No certificates received during the handshake with client outside:A.B.C.D/49759 to E.F.G.H/443 for TLSv1.2 session
22.06.2022 11:28:40 <165>%FTD-5-109201: UAUTH: Session=0x43bbc000, User=BNCZBDTPC1234, Assigned IP=10.179.232.162, Succeeded adding entry.
22.06.2022 11:28:40 <165>%FTD-5-109210: UAUTH: Session=0x43bbc000, User=BNCZBDTPC1234, Assigned IP=10.179.232.162, Succeeded removing entry.
22.06.2022 11:28:40 <166>%FTD-6-716002: Group <AC_Mgmt_Tunnel> User <BNCZBDTPC1234> IP <A.B.C.D> WebVPN session terminated: User Requested.
22.06.2022 11:28:40 <164>%FTD-4-113019: Group = AC_Mgmt_Tunnel, Username = BNCZBDTPC1234, IP = A.B.C.D, Session disconnected. Session Type: AnyConnect-Parent, Duration: 0h:00m:02s, Bytes xmt: 16532, Bytes rcv: 0, Reason: User Requested

it seems like some right at computer because after logon it works; but in case of using of old ASA it works well

Version at FTD and FMC is reccomended one - 7.0.1.

I am using 4.8.03052.

Thans for any usefull info.

Petr