GOAL = Use Cisco AnyConnect Secure Mobility Clients for MAC & WIN
RATIONALE = Windows 10/11 Built-in VPN Client is notoriously flaky (adapter configs, etc.)
BEFORE
-
Windows 10/11 Built-in VPN Client → myvpn.mycompany.com → non-cisco router → DUO Proxy (AD Auth) → DUO Mobile Prompt → Network access successful
-
MAC OSX VPN L2TP Client → myvpn.mycompany.com → non-cisco router → DUO Proxy (AD Auth) → DUO Mobile Prompt → Network access successful
AFTER
-
Cisco AnyConnect Secure Mobility Client (MAC & WIN) → myvpn.mycompany.com → Cisco RVXXX router → No valid certificates available for authentication, Connection attempt has failed
-
Using default router cert for “SSL VPN” config
CURRENT WORKAROUND MODE
-
Windows 10/11 Built-in VPN Client → myvpn.mycompany.com → non-cisco router → DUO Proxy (AD Auth) → DUO Mobile Prompt → Network access successful
-
MAC Cisco AnyConnect Secure Mobility Client → IP:port → Cisco RVXXX router → SSL VPN → Network access successful (No DUO)
ASSUMPTIONS/FINDINGS
-
Uploaded certs required for primary and backup VPN servers (on-prem)
-
I am so close, I think; Client-to-Site tunnel has also been configured with correct CERT, tested, No valid certificates available for authentication, Connection attempt has failed
-
I do have a question about Local (uploaded) vs. Remote CA Certificate (chose from where we purchased) - still not luck