GOAL = Use Cisco AnyConnect Secure Mobility Clients for MAC & WIN

RATIONALE = Windows 10/11 Built-in VPN Client is notoriously flaky (adapter configs, etc.)

BEFORE

• Windows 10/11 Built-in VPN Client → myvpn.mycompany.com → non-cisco router → DUO Proxy (AD Auth) → DUO Mobile Prompt → Network access successful

• MAC OSX VPN L2TP Client → myvpn.mycompany.com → non-cisco router → DUO Proxy (AD Auth) → DUO Mobile Prompt → Network access successful

AFTER

• Cisco AnyConnect Secure Mobility Client (MAC & WIN) → myvpn.mycompany.com → Cisco RVXXX router → No valid certificates available for authentication, Connection attempt has failed

• Using default router cert for “SSL VPN” config

CURRENT WORKAROUND MODE

• Windows 10/11 Built-in VPN Client → myvpn.mycompany.com → non-cisco router → DUO Proxy (AD Auth) → DUO Mobile Prompt → Network access successful

• MAC Cisco AnyConnect Secure Mobility Client → IP:port → Cisco RVXXX router → SSL VPN → Network access successful (No DUO)

ASSUMPTIONS/FINDINGS

• Uploaded certs required for primary and backup VPN servers (on-prem)

• I am so close, I think; Client-to-Site tunnel has also been configured with correct CERT, tested, No valid certificates available for authentication, Connection attempt has failed

• I do have a question about Local (uploaded) vs. Remote CA Certificate (chose from where we purchased) - still not luck