Unable to load AnyConnect Profile
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-28-2020 10:42 AM
I'm a very simple AnyConnect Secure Mobility Client User. I installed anyconnect-win-4.6.03049-core-vpn-predeploy-k9 and then use it to VPN to a remote site. That's it. Worked fine.
Now, I need to update the Profile. I manually updated AnyConnectProfile.xsd. However, when I run vpnui.exe, it doesn't load the new profile. How can I force AnyConnect to load a new profile.
- Labels:
-
AnyConnect
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-28-2020 10:50 AM - edited 01-28-2020 10:53 AM
Hi,
You need to save the AnyConnect profile as an XML file - to C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile. Once you have saved the file there, restart the AnyConnect services. The new profile should then appear in the drop-down list.
HTH
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-28-2020 11:47 AM
Thank you. Yes, I modified the .xml file and resaved it in the Profile folder. However, how do I get this drop-down list that you mention. The only thing I know how to do is execute vpnui.exe, which opens the UI.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-28-2020 12:01 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-28-2020 01:53 PM
I don't have a GUI. I execute vpnui.exe and this window pops up. I'm not looking for I full-fledged CISCO application, I just want to find a way to incorporate the Profile that I edited.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-28-2020 02:15 PM
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-28-2020 03:09 PM
I think we are talking past each other. I'm not trying to add a new connection. Specifically, I updated AnyConnectProfile.xsd my changing True to False in this line:
<xs:element name="AutomaticCertSelection" default="false" minOccurs="0">
However, the modified profile is not read in. I can put garbage in the profile, or even delete the file, and AnyConnect executes as if the profile wasn't there. So, it appears to continue run with the profile that existed at installation. I need to know how to force it to read a new profile.
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-29-2020 05:11 AM
The XSD file is NOT the correct file to do this. You need to modify the VPN profile (an XML file NOT XSD) that is installed on the PC (if you have one, or create a new profile and upload it to the ASA). The profile can be created through the VPN Profile editor. The setting you are looking for is this one. You will also need to properly fill in the other fields in the profile for what features youare using.
Do you know if you already have an XML file pushed? Even if you modify the local profile that you have the first time you connect to the headend this profile can potentially be overwritten with the one on the headend. If the profile is being pushed with the "user controlable" option set then you can change the behavior through the preferences tab on the AnyConnec GUI.
It would be in this list somewhere...
If you have been pushed a profile it will be located in the C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile\ directory.
Steve S.
