RA Profiles on AnyConnect

Hello,

I have an FTD managed locally (FDM).

I have 2 RA VPN profiles.

Is there a way to present to the client connecting through AnyConnect only a specified profile and not all?

Thanks and regards,

Konstantinos


8 Replies

Marvin Rhoads
Hall of Fame

You choose which, if any, appear in the AnyConnect dropdown.

Edit the connection profile and choose the Aliases tab. That's where you make the setting.

Hello Marvin,

Yes, I used the Group URL for every profile.
Now the users see only one profile in the AnyConnect client.

Thanks,
Konstantinos

Alias URLs are different from Alias Names. The information in Alias Names is what appears in the dropdown box.

Can you confirm your various Connection Profiles each have an Alias Name configured?

Hello Marvin,

Yes, every profile has a different alias name.

Thanks for the support,
Konstantinos

The AnyConnect client should show all of the aliases in the dropdown "Group" list when the end user logs in.

The "VPN" dropdown will only show one listing for a given headend.

Are you asking about the Group list or the VPN list?

I wanted the Group list.
I configured the aliases, and the client connects to the specific URL and shows only one profile and not the other.

If in the AnyConnect client I use the default URL (the IP of the firewall) and not the specific URL, I can see all the profiles.

Regards,
Konstantinos

Ah I see. How you describe the observed behavior is how it is designed to work from Cisco's perspective.

If you enter the specific URL of a given alias then the design is to only give you that alias.

Hi,

If each user will in the end use a single VPN profile, which is already pre-configured in the AnyConnect profile, there is no sense in having all of your connection profiles listed if you browse to the main SSL page. For your use case, it looks like a security vulnerability, so remove the command "tunnel-group-list enable".


Regards,

Cristian Matei.