reorder of the Anyconnect client profile server list choices

tryingtofixit · ‎12-16-2024

Currently I have my A/c client with a drop down of vpn1-internal, vpn2-internal. however vpn-1 is not preferred connection , vpn-2 is. Can I reorder these, are they base on what is created 1st in the secure client profile under Server list. If I make vpn-2 the first and vpn-1 the 2nd, will asa preserve that, or will it alphabetize it and move vpn-1 to the top of the list.?

MHM Cisco World · ‎12-16-2024

Only change order of config of both Tunnel-policy in asa

MHM

tryingtofixit · ‎12-16-2024

huh? Thanks, but I don't follow.I have always done it in the secure client profile "xml". works like charm, never see anything done on a tunnel group for the anyconnect client server choices. Got a url?

MHM Cisco World · ‎12-16-2024

 tunnel-group-list enable <<- do you use this command ?

tryingtofixit · ‎12-16-2024

no, I don't have that config anywhere in my config. I have two group policies one for internal another for vendors, each have their own tunnel groups.

MHM Cisco World · ‎12-16-2024

the OS is keep the list in order you use VPN
i.e. if you use VPN-1 then OS will always show VPN-1 in top list
to change order then
shutdown the OS and open again and try connect using VPN-2

MHM

Rob Ingram · ‎12-16-2024

@tryingtofixit you don't actually need to multiple profiles if the VPNs are Primary/Backup for the same organisation, you can just define one display name and then define the primray server and the backup servers in the list. When the first fails, it will automatically connect to the backup server.So just the one option to select in AnyConnect.

If you do wish to manual select which VPN to connect to, the profiles are listed alphabetically in AnyConnect/Secure Client. You could number the profile in the order you wish them displayed. FYI, the display name does not need to equal the server FQDN.

1. Primary DC
2. Backup DC

So in the instance above, Primary DC's server FQDN is vpn-1.company.com and Backup DC is vpn-2.company.com