Hello, I'm trying to get an ASA working mostly as described on:
http://www.cisco.com/en/US/products/ps6120/products_tech_note09186a00808e00ec.shtml but with standard CA certificates (wisekey actually), not belgian ones, and not only for the anyconnect SSL-VPN Client, but also for the clientless portal. I cannot get it working :-/ The most I get is the certificate chain is validated correctly, logging on the portal _seems_ to happen, but an immediate logout follows. (Close to putting /bin/false as the shell in /etc/passwd :-) Using anyconnect, I do not get any windows popup asking me to choose the SSL certificate to use (like using IE for the portal), the usual username/password appear (it should not). Trying to type the serial number of the certificate as the username, with blank password does not help in anyconnect. The same is true on the portal: setting DefaultWebVPNGroup authentication to "both" rather than "certificate", I get a username/password on the portal, but entering the serial number does not help, I get rejected. Anyone on this list been there before? Regards. -- Philippe Strauss av. de Beaulieu 25 1004 Lausanne http://philou.ch _______________________________________________ cisco-nsp mailing list cisco-nsp@puck.nether.net https://puck.nether.net/mailman/listinfo/cisco-nsp archive at http://puck.nether.net/pipermail/cisco-nsp/