Scribd Logo
Upload

Welcome to Scribd!

  • Cisco AnyConnect Secure Mobility Client Useful Tips

    Uploaded by

    p2fzxdv6jw
    4 views3 pages
    Using a VPN

    Copyright

    © © All Rights Reserved

    Available Formats

    PDF, TXT or read online from Scribd

    Did you find this document useful?

    Is this content inappropriate?

    Report this Document
    Using a VPN

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    4 views3 pages

    Cisco AnyConnect Secure Mobility Client Useful Tips

    Uploaded by

    p2fzxdv6jw
    Using a VPN

    Copyright:

    © All Rights Reserved
    Download as PDF, TXT or read online from Scribd
    Flag for inappropriate content
    of 3

    Cisco AnyConnect Secure Mobility Client Useful Tips 1/16/24, 2:53 PM

     AnyConnect Secure Mobility Client U… Close

    You can x the most commonly encountered issues with Cisco AnyConnect Secure Mobility Client
    connections by altering your browser settings. If you are having problems, please see the following notes:

    Adding a Security Certicate in Response to Browser Alert Windows


    Allowing Java Applet Execution in Safari

    In these notes the term "Security Gateway" refers to the Cisco device to which the Cisco AnyConnect
    Secure Mobility Client connects. Examples of Security Gateways include the Adaptive Security Appliance
    5500 and Catalyst 6000.

    The complete release notes for this product cover additional issues and are available from Cisco's website.

    Adding a Security Certicate in Response to Browser Alert


    Windows
    SSL uses certicates to identify peers in a connection. The Security Gateway has a certicate installed
    that is used to establish its identity. The certicate may be issued from a widely trusted source, such as
    Verisign or Thawte, that your computer is already congured to trust. Or it may be issued from a self-
    signed certicate that your computer does not trust automatically, resulting in security warnings during
    connection establishment.

    This section explains how to install a self-signed certicate as a trusted root certicate on a client in
    response to the browser alert windows.

    In Response to Firefox "Certied by an Unknown Authority" Window

    Install the certicate as a trusted root certicate as follows:

    1. Click Examine Certicate in the "Web Site Certied by an Unknown Authority" window.
    The Certicate Viewer window opens.
    2. Click the Accept this certicate permanently option.
    3. Click OK.
    The Security Gateway window opens, signifying the certicate is trusted.

    In Response to "Safari can't verify the identity of the website Hostname_or_IP_address" Window

    Install the certicate as a trusted root certicate as follows:

    https://danforthvpn.wustl.edu/CACHE/stc/2/tips.htm Page 1 of 3
    Cisco AnyConnect Secure Mobility Client Useful Tips 1/16/24, 2:53 PM

    1. Click Show Certicate in the "Safari can't verify the identity of the website
    Hostname_or_IP_address" window.
    2. Select the option "Always trust Hostname_or_IP_address when connecting to
    Hostname_or_IP_address."
    3. Click Continue.
    The Security Gateway window opens, signifying the certicate is trusted.

    Allowing Java Applet Execution in Safari


    Any browser that supports the Java plugin should work for Cisco AnyConnect Secure Mobility Client’s
    web launch. On macOS, the Java plugin is 64-bit only; this means that only 64-bit browsers are
    supported. Safari and Firefox both support the Java plugin; however, Chrome is a 32-bit only browser
    and does not run Java. For this reason, Cisco AnyConnect Secure Mobility Client’s web launch
    functionality will not run in Chrome on macOS and will need to be downloaded manually.

    Safari 9 (and earlier)

    By default, Safari blocks execution of Java applets. In order to grant the necessary permissions to web
    sites running Cisco AnyConnect Secure Mobility Client’s web launch., we must edit Safari's security
    preferences.

    1. Open Safari Preferences.


    2. Select Security preference.
    3. Click Manage Website Settings... button.
    4. Select Java from the options listed on left side.
    5. Change the option from Block to Allow Always for the website "Hostname_or_IP_address" you are
    trying to connect to.
    6. Finally, click Done.

    This will allow Cisco AnyConnect Secure Mobility Client Java applet to execute. Retry the VPN
    connection.

    Safari 10 (and later)

    Starting with Safari 10, tho option to toggle “ are mode” still exists, but it is hidden. Follow these steps
    to enable Cisco AnyConnect Secure Mobility Client's Java applet execution.

    https://danforthvpn.wustl.edu/CACHE/stc/2/tips.htm Page 2 of 3
    Cisco AnyConnect Secure Mobility Client Useful Tips 1/16/24, 2:53 PM

    1. Open Safari Preferences.


    2. Select Security preference.
    3. Check the Internet plug-ins: option to allow Plug-ins.
    4. Select Plug-in Settings button.
    5. Select Java from the options listed on left side.
    6. Highlight the "Hostname_or_IP_address" you are trying to connect to.
    7. Hold Alt(or Option) and click the drop down menu. Make sure that On is checked, and Run in Safe
    Mode is unchecked.
    8. Finally, click Done.

    This will allow Cisco AnyConnect Secure Mobility Client Java applet to execute. Retry the VPN
    connection.

    [Back to top]

    https://danforthvpn.wustl.edu/CACHE/stc/2/tips.htm Page 3 of 3

    You might also like