cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2776
Views
0
Helpful
3
Replies
Highlighted
Beginner

Provision Cisco Anyconnect VPN App for Android

Hello,

 

We provision a VPN-profile for Anyconnect with Microsoft Intune (SCCM-Hybrid) MDM today for the AnyConnect VPN App.

On iOS, everything is automated. But when we provision the same profile for Android - it behaves differently. On the Android device I need to do these things:

- Change the setting External Control from 'Disabled' To 'Enabled'
- Import the certificate manually on the Connection (the connection is provisioned from Intune)

 

But the thing is, when I read the instructions here:

"AnyConnect Profile Editor, Mobile Settings Apple iOS / Android Settings Certificate Authentication—The Certificate Authentication policy attribute associated with a connection entry specifies how certificates are handled for this connection. Valid values are: Automatic—AnyConnect automatically chooses the client certificate with which to authenticate when making a connection. In this case, AnyConnect views all the installed certificates, disregards those certificates that are out of date, applies the certificate matching criteria defined in VPN client profile, and then authenticates using the certificate that matches the criteria. This happens every time the device user attempts to establish a VPN connection. Manual—AnyConnect searches for a certificate from the AnyConnect certificate store on the Android device when the profile is downloaded and does one of the following:

http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect40/administration/guide/b_AnyConnect_Administrator_Guide_4-0/anyconnect-mobile-devices.html#reference_85F4316468DD4B06ABB4BCD04878BDCE"

 

It should be able to be Automatic? Is this something which is expected from the Android operating system? Intune also has support for "Custom XML" for this VPN-profile but i can't find any documentation regarind what parameters is supported for the Cisco AnyConnect-profile. Where can I find this documentation? Or is it even supported?

3 REPLIES 3
Highlighted
Beginner

Did you find a solution for this problem?

Highlighted

I'm having the same issue as well, any progress?

Highlighted
Beginner

Bumping this again.  Any resolution?  I can't tell if it's a limitation of the Cisco App, or Microsoft's Intune.  Who needs to do the fix?