Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1527
Views
0
Helpful
3
Replies

VPN AnyConnect Pre-deployment Configuration

JohnNetEng
Level 1
Level 1

‎04-15-2014 12:54 PM - edited ‎02-21-2020 07:36 PM

Is it possible with the Anyconnect predeployment tool to uncheck the "Block connections to untrusted servers" in the MSI for AnyConnect secure mobility client version 3.1.05152 so that it gets pushed out to endusers this way?

Labels:
0 Helpful
3 Replies 3

Marvin Rhoads
Hall of Fame
Hall of Fame

‎04-15-2014 03:18 PM

It's part of the AnyConnect global local policy xml file. You can opt to deploy that (and any connection profiles) along with the msi which installs the other application bits.

You can create it on the ASA using ASDM and manually copy if off into your deployed package or use the standalone AnyConnect Profile Editor - VPN Local Policy component in this case. Unchecking the "Strict Certificate Trust" is the box that changes the client behavior the way you asked. that translates to a line in the file like this:

<StrictCertificateTrust>false</StrictCertificateTrust>

 

0 Helpful

jgustafzon
Level 1
Level 1
In response to Marvin Rhoads

‎08-04-2022 02:01 AM

Hi Marvin,

There seems to be no Strict Certificate Trust-box or option in the VPN Editor standalone.exe or in the ASA 9.8.4.15/ ASDM 7.15.1.150 Anyconnect client 4.9.06037. I can't get this tick box to show in anyconnect preferences, if the certificate expires no work around is available.

0 Helpful

bleuangel
Level 1
Level 1

‎05-21-2014 11:39 PM

Hello,

 

Can I ask where can I download the Anyconnect client 64 bit version .msi package for Windows?

 

Appreciate your help.

 

Thanks! :) 

0 Helpful
Customers Also Viewed These Support Documents