I am able to connect it successfully but why this error msg coming that i dont know
Actually In MY setup FTD 2110 with ASA and created Two Context
(ASA Firmware -ASA Version 9.12(3)12) Anyconnect Version :- 4.8.03052
IN Context A i am able to connect anyconnect without this error msg
In Context B i am able to connect anyconncet and getting this error msg
I have installed 3rd party certificate for SSL VPN which get from digicert
I need help to solve this issue
For reference purpose i have attached error screenshot with this
@Rob Ingram was asking about the CLIENT certificate.
The error you are getting is indicative of the VPN connection profile requiring the client to use a certificate for authentication and not finding a valid certificate to authenticate
Please help me to remove this error
i have checked configuration for both context that is showing same so why i am getting error in one context and not in other context
can you please let me know what configuration need to check for this error?
Actually i have not configured authentication for anyconnect profile .
You need to establish an authentication method. Until you do that, you may get unhelpful errors as the connection will try various defaults which may not be appropriate for what you want.
Actually its working properly
For authentication i have configured Radius authentication .- radius authentication Requesting to ISE --> ISE have active directory integrated . Already .
and its working properly for both context
So i dont have problem for authentication and user can access destination which we have defined .
So all configuration is working properly - But i am getting this error when i trying to connect - But after that use able to connect and use given resources
My main question is that We did same type of configuration in both Context
Still we are getting error in one context and not in other why it so .
Is it a wildcard certificate?
Do both contexts' interface addresses to which you connect to have a resolvable FQDN that matches the certificate?
Yes i have installed wildcard certificate for SSL VPN URL
but actually what configuration i need to change to remove this error that i am not getting
Could you answer my earlier question?
"Do both contexts' interface addresses to which you connect to have a resolvable FQDN that matches the certificate?"
FQDN is resolvable for both Interface address for each context .
Each context has separate wan address and interface, FQDN also different but last domian is maching with wildcard certificate.