I'm trying to get Start before logon working on a Cisco 1941. I've got it setup so it downloads the correct profile but when I test with a PC it doesn't work. It shows the server entry but doesn't even ask for a username and password and thus won't connect.

I've gone through the Cisco documentation and I'm sure I've done everything right but obviously not. Could someone check my config below and offer advice:

The only things I've changed for security is the IP details

Cisco 1941:

webvpn gateway gateway_1

ip address 8.8.8.8 port 443

http-redirect port 80

ssl trustpoint TP-self-signed-2717103300

inservice

!

webvpn install svc flash0:/webvpn/sslclient-win-1.1.4.176.pkg sequence 1

!

webvpn install svc flash0:/webvpn/anyconnect-win-3.0.10055-k9.pkg sequence 2

!

webvpn import svc profile newprofile flash:/profile1.xml

!

webvpn context customer123

secondary-color white

title-color #CCCC66

text-color black

ssl authenticate verify all

!

!

policy group policy_1

   functions svc-enabled

   svc address-pool "new" netmask 255.255.255.248

   svc module vpngina

   svc profile newprofile

   svc split dns "10.0.0.253"

   svc split include 10.10.10.0 255.255.255.248

   svc split include 10.0.0.0 255.255.255.0

   svc wins-server primary 10.0.0.253

default-group-policy policy_1

aaa authentication list ssl_vpn_xauth_ml_1

gateway gateway_1

max-users 6

inservice

!

end

The actual profile which get's downloaded:

<?xml version="1.0" encoding="UTF-8"?>

<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/"

xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

xsi:schemaLocation="http://schemas.xmlsoap.org/encoding/

AnyConnectProfile.xsd">

<ClientInitialization>

<UseStartBeforeLogon UserControllable="false">true</UseStartBeforeLogon>

</ClientInitialization>

<ServerList>

  <HostEntry>

    <HostName>Cisco1941</HostName>

    <HostAddress>8.8.8.8</HostAddress>

  </HostEntry> </ServerList>

</AnyConnectProfile>

Thanks for any help.

Andrew