04-15-2014 12:54 PM - edited 02-21-2020 07:36 PM
Is it possible with the Anyconnect predeployment tool to uncheck the "Block connections to untrusted servers" in the MSI for AnyConnect secure mobility client version 3.1.05152 so that it gets pushed out to endusers this way?
04-15-2014 03:18 PM
It's part of the AnyConnect global local policy xml file. You can opt to deploy that (and any connection profiles) along with the msi which installs the other application bits.
You can create it on the ASA using ASDM and manually copy if off into your deployed package or use the standalone AnyConnect Profile Editor - VPN Local Policy component in this case. Unchecking the "Strict Certificate Trust" is the box that changes the client behavior the way you asked. that translates to a line in the file like this:
<StrictCertificateTrust>false</StrictCertificateTrust>
08-04-2022 02:01 AM
Hi Marvin,
There seems to be no Strict Certificate Trust-box or option in the VPN Editor standalone.exe or in the ASA 9.8.4.15/ ASDM 7.15.1.150 Anyconnect client 4.9.06037. I can't get this tick box to show in anyconnect preferences, if the certificate expires no work around is available.
05-21-2014 11:39 PM
Hello,
Can I ask where can I download the Anyconnect client 64 bit version .msi package for Windows?
Appreciate your help.
Thanks! :)
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide