Choose group by url or profile in AnyConnect (!226) · Merge requests · OpenConnect VPN projects / ocserv

defragmentator requested to merge defragmentator/ocserv:master into master Oct 08, 2020

This patch solves problem when user use certificate authorization, has access to several groups and want to switch between them in easy way. In AnyConnect it can be done configuring different profiles with name (URL) like example.com/group_name or by profile file

                <HostEntry>
                        <HostName>My VPN my_group</HostName>
                        <HostAddress>example.com</HostAddress>
                        <UserGroup>group_name</UserGroup>
                </HostEntry>

To make it work on Cisco ASA side following command must be used:

tunnel-group group_name webvpn-attributes
 group-alias group_name enable
 group-url https://example.com/group_name enable

On ocserv it was not possible - HTTP 404 was returned. With provided patch it works like on Cisco ASA.

Edited May 22, 2021 by Nikos Mavrogiannopoulos

Admin message

Choose group by url or profile in AnyConnect

Merge request reports