Hi,

Trying to configure AnyConnect with Certificate Authentication. Since there are no visible logs available from the Meraki interface, I am unable to troubleshoot and understand what is really happening here. I have tried to contact Meraki support on several occasions, but have been met by agents without real knowledge or understanding about this, plus 1-2 hours wait time on the telephone with random disconnects. I guess beta features with beta support go hand in hand.

This gives me the opportunity to try and ask the Community to see if there is somebody out there that has a working configuration. I have been told by others that it should work, but they have not given any details about it so not sure. It seems so basic, but I just can't figure it out. Does anybody have some pointers?

I have not tested if {{DeviceName}} should be added to SAN, or whether the issue is that I really need a (public) Root CA and issue SCEPman with Intermediate CA Certificate (but Meraki documentation does not really mention the need for it). Does anybody know?

My configuration is as follows:

- MX84 with 16.11 (tried 16.8 too)
- SCEPman CA certificate uploaded to Meraki
- Machine and User certificate successfully deployed to device, also root added to Trusted
- AnyConnect Client v4.10.00093 for Windows with Profile below (manual cert selection for testing)

<?xml version="1.0" encoding="UTF-8"?>
<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/">
<ClientInitialization>
<AuthenticationTimeout>60</AuthenticationTimeout>
<AutomaticCertSelection>false</AutomaticCertSelection>
</ClientInitialization>
<ServerList>
<HostEntry>
<HostName>AnyConnect</HostName>
<HostAddress>***.dynamic-m.com</HostAddress>
</HostEntry>
</ServerList>
</AnyConnectProfile>

When connecting, attempting both Machine and User certificate, gives the following Error:

The causing Error in Event Log I assume:

Function: ConnectMgr::certAuthHasFailed
File: c:\temp\build\thehoff\phoenix_fcs0.660176920511\phoenix_fcs\vpn\api\connectmgr.cpp
Line: 16651
Certificate authentication requested from gateway, no valid certs found in users cert store.

Here are Event Logs leading to the Error above - User certificate:

Certificate authentication requested from gateway, no valid certs found in users cert store.
Client certificate requested by peer (via AggAuth)
Issuer not found in CA Names from server for cert: /L={{AAD_Device_ID}}/CN={{User_Principal_Name}}
Client certificate requested by peer
Return success from VerifyServerCertificate
User Selected Certificate: *** USER CERT ***
Client certificate requested by peer (via AggAuth)
Client certificate requested by peer
Return success from VerifyServerCertificate

And Machine certificate:

Certificate authentication requested from gateway, no valid certs found in users cert store.
Client certificate requested by peer (via AggAuth)
[MCA] One certificate sent at protocol layer
Issuer not found in CA Names from server for cert: /CN={{AAD_Device_ID}}
Client certificate requested by peer
Return success from VerifyServerCertificate
User Selected Certificate: *** MACHINE CERT ***
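Assuming the "CA Names" in the log lines above are the acceptable-CA distinguished names a TLS server sends with its client-certificate request, the following Go sketch models how a client filters its certificates against that list, including the root versus intermediate CA case the post asks about. It is an added example, not part of the original post and not AnyConnect or Meraki code; the function names and all certificate names are constructed for illustration.

```go
package main

import (
	"bytes"
	"crypto/ed25519"
	"crypto/rand"
	"crypto/x509"
	"crypto/x509/pkix"
	"fmt"
	"math/big"
	"time"
)

// matchesCANames: is any cert in the chain (leaf first) issued by an advertised CA DN?
func matchesCANames(chain []*x509.Certificate, caNames [][]byte) bool {
	for _, c := range chain {
		for _, name := range caNames {
			if bytes.Equal(c.RawIssuer, name) {
				return true
			}
		}
	}
	return false
}

// mint builds a constructed, short-lived test certificate; a nil parent self-signs it.
func mint(cn string, isCA bool, parent *x509.Certificate, parentKey ed25519.PrivateKey) (*x509.Certificate, ed25519.PrivateKey) {
	pub, key, _ := ed25519.GenerateKey(rand.Reader)
	tmpl := &x509.Certificate{SerialNumber: big.NewInt(time.Now().UnixNano()),
		Subject: pkix.Name{CommonName: cn}, IsCA: isCA, BasicConstraintsValid: true,
		NotBefore: time.Now().Add(-time.Hour), NotAfter: time.Now().Add(time.Hour)}
	if parent == nil {
		parent, parentKey = tmpl, key
	}
	der, err := x509.CreateCertificate(rand.Reader, tmpl, parent, pub, parentKey)
	if err != nil {
		panic(err)
	}
	cert, _ := x509.ParseCertificate(der) // der was produced just above
	return cert, key
}

func main() {
	root, rootKey := mint("Constructed Root CA", true, nil, nil)
	sub, subKey := mint("Constructed Issuing CA", true, root, rootKey)
	leaf, _ := mint("constructed-device-id", false, sub, subKey)
	names := [][]byte{root.RawSubject} // assumption: server advertises only the root DN
	fmt.Println(matchesCANames([]*x509.Certificate{leaf}, names), matchesCANames([]*x509.Certificate{leaf, sub}, names))
}
```

The comparison is on the raw DER of the issuer name, so a leaf issued by an intermediate matches a root-only list only when the client can also present that intermediate.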