Meraki Community
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Anyconnect custom hostname certificate

TAxinte
Here to help
‎Jan 15 2022 11:07 AM
‎Jan 15 2022 11:07 AM

Anyconnect custom hostname certificate

Hello,

 

I've recently updated my meraki MX100s just to use AnyConnect.

 

Everything good so far but I don't really want to use the default DDNS but using my custom domain "vpn.company.com"

 

I have uploaded the certificate where it says "Certificate Authentication" but nothing changes, I get  "NET::ERR_CERT_COMMON_NAME_INVALID". 

 

I've spent like 4 hours figuring out. A meraki's documentation says to generate a cert from the dashboard (https://documentation.meraki.com/MX/AnyConnect_on_the_MX_Appliance) but I don't have any of that.

 

Any help? Thank you

Labels:
0 Kudos
Subscribe
10 Replies 10
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jan 16 2022 10:45 AM
‎Jan 16 2022 10:45 AM

You are in the wrong place - that is for certificate authentication.

 

You need to work through the process here:

 

PhilipDAth_0-1642358711625.png

 

0 Kudos
Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jan 16 2022 10:46 AM
‎Jan 16 2022 10:46 AM

Do you realise you can use a custom AnyConnect Profile, and the user sees whatever name you want, such as "Company"?  I always use this approach, and the DDNS name (which the user never sees).

 

I have an online profile tool for doing this.

https://www.ifm.net.nz/cookbooks/online-anyconnect-profile-editor.html 

Subscribe
TAxinte
Here to help
‎Jan 17 2022 1:28 AM
‎Jan 17 2022 1:28 AM

Thank you for the reply. I do have a static IP and custom domain to connect to but I get the warning because it points to other certificate (DDNS domain one)

 

I do not have certificate authentication tab (the Secure connection between MX and AnyConnect clients)

 

Anyconnect.png

 

 

 

0 Kudos
Subscribe
PhilipDAth
Kind of a big deal
Kind of a big deal
‎Jan 17 2022 9:29 AM
‎Jan 17 2022 9:29 AM

You need to go to the config section I showed in my screenshot on the same page.

0 Kudos
Subscribe
In response to PhilipDAth
TAxinte
Here to help
‎Jan 17 2022 9:37 AM
‎Jan 17 2022 9:37 AM

I don't have that config on my page, I don't get it

0 Kudos
Subscribe
In response to TAxinte
Ruben2
Here to help
‎Jan 17 2022 10:50 AM
‎Jan 17 2022 10:50 AM

requires MX firmware 16.11+ and enabled by Meraki Support

0 Kudos
Subscribe
In response to Ruben2
Ruben2
Here to help
‎Jan 17 2022 10:50 AM
‎Jan 17 2022 10:50 AM

AnyConnect on the MX Appliance - Cisco Meraki

0 Kudos
Subscribe
In response to Ruben2
TAxinte
Here to help
‎Jan 17 2022 11:11 AM
‎Jan 17 2022 11:11 AM

I am on 16.15 and the option "Full access – Allow Meraki Support access to this organization to troubleshoot issues"

 

 

0 Kudos
Subscribe
In response to TAxinte
Ruben2
Here to help
‎Jan 17 2022 11:15 AM
‎Jan 17 2022 11:15 AM

ok it looks like you will need to contact Meraki Support (via email or Phone call) and they will ask for your support code (they can let you know where to get this) and ask them to enable "Custom hostname certificates"

0 Kudos
Subscribe
In response to Ruben2
TAxinte
Here to help
‎Jan 28 2022 7:28 AM
‎Jan 28 2022 7:28 AM

Thanks, I'll try to contact the Support

0 Kudos
Subscribe
Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels
© 2024 Cisco Systems, Inc.