Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1277
Views
15
Helpful
3
Replies

How to hide AC profile setting"Block connections to untrusted servers"

Palazsto
Level 1
Level 1

‎01-12-2022 04:06 AM

Hello Guys I'm searching for an option to hide or gray out  this setting, because the users are permanently disabling it  : 

Block to Untrusted servers.PNG

 

Any ideas ? 

 

 

Labels:
0 Helpful
3 Replies 3

Rob Ingram
VIP
VIP

‎01-12-2022 04:49 AM

@Palazsto modify the "AnyConnectLocalPolicy.xml" file located "C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client" and amend the line <StrictCertificateTrust>false</StrictCertificateTrust> and set the value to true.

 

This is the local policy file, so you will need to copy this file to all computers via some means, such as your software management solution.

Palazsto
Level 1
Level 1

‎01-13-2022 01:15 AM

@Rob Ingram  Thanks ! 

0 Helpful

jgustafzon
Level 1
Level 1

‎08-04-2022 01:31 AM

I have the opposite issue where I can't get this box to show up at all, seems to be no check box in the profile editor that gives me the option to display this tick box. Tried editing local policy in %appdata% with <BlockUntrustedServers> and AnyConnectLocalPolicy.xml does have <StrictCertificateTrust>false</StrictCertificateTrust>

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents