Connecting to openvpn server with Cisco Anyconnect SSL Client
Posted: Tue May 22, 2018 2:02 am
Hi all, new here.
I am looking to replicate a similar setup to an existing SSL VPN solution that I have by using OpenVPN and I am unsure if it's possible. Can the forum let me know if this is possible? Ultimately I need to use the Cisco AnyConnect VPN client, which is the SSL client, to connect to OpenVPN.
Server to use a custom SSL cert such as one from a public trusted CA although this is not critical as I can install the server cert onto the clients that will connect.
The clients will connect to the server and be prompted for a username and password as one option. Another option is to have the clients present a certificate to the server to authenticate them, but unfortunately the clients have this certificate hard coded and I am unable to change it.
As a test I would like to connect from anyconnect vpn software.
The problems I face so far have been the following:
- I can install a custom server certificate which clears the invalid certificate warning; but a knock-on effect of this is that authenticating a client by using a custom cert doesn't seem possible as it's not a subordinate of the server cert
- Seems that the only way to gain a connection is to use the downloaded user profile from the server; however I need to use HTTPS URL, and be prompted for username and password from the user (in lieu of being able to authenticate the client by a hard coded certificate that the client already has, instead of prompting for username and password)
Any pointers are welcome.