I know this was a feature early on, but is Meraki planning to setup the AnyConnect Client VPN configuration so that we can import our own SSL certificate to login to the server? Or change the hostname to a custom hostname?
I don’t know anything about the roadmap, but for the host name, I would deploy AnyConnect profiles which “hide” the name from the client. Not the same, but perhaps the way to go. This should be also a better solution to not break the failover to the secondary ISP in case of failure of the primary ISP.
Thanks @PhilipDAth. I started down the profile path at one point and have visited your site before. Simple and really helpful. I knew that Meraki had pointed it out in their documentation before, but wasn't sure where until today.
"An AnyConnect profile is a crucial piece for ensuring easy configuration of the AnyConnect client software, once installed. The MX does not support the use of custom hostnames for certificates (e.g. vpn.xyz.com). The MX only supports use of the Meraki DDNS hostname for auto-enrollment and use on the MX. With the Meraki DDNS hostname (e.g. mx450-xyuhsygsvge.dynamic-m.com) not as simply as a custom hostname, the need for AnyConnect profiles cannot be overemphasized. Profiles can be used to create hostname aliases, thereby masking the Meraki DDNS with a friendly name for the end user. "
I used your profile creator and it worked perfectly. Thanks for your help on this!