A-2
Cisco AnyConnect VPN Client Administrator Guide
OL-12950-012
Appendix A Sample AnyConnect Profile and XML Schema
Sample AnyConnect Profile
The ClientInitialization section represents global settings for the
client. In some cases (e.g. BackupServerList) host specific overrides
are possible.
-->
<ClientInitialization>
<!--
The Start Before Logon feature can be used to activate the VPN as
part of the logon sequence.
UserControllable:
Does the administrator of this profile allow the user to control
this attribute for their own use. Any user setting associated
with this attribute will be stored elsewhere.
-->
<UseStartBeforeLogon UserControllable="false">false</UseStartBeforeLogon>
<!--
If user is importing a certificate using the enrollment feature,
this attribute will enforce any pin application requirement.
-->
<CertEnrollmentPin>pinAllowed</CertEnrollmentPin>
<!--
This section enables the definition of various attributes that
can be used to refine client certificate selection.
-->
<CertificateMatch>
<!--
Certificate Key attributes that can be used for choosing
acceptable client certificates.
-->
<KeyUsage>
<MatchKey>Non_Repudiation</MatchKey>
<MatchKey>Digital_Signature</MatchKey>
</KeyUsage>
<!--
Certificate Extended Key attributes that can be used for
choosing acceptable client certificates.
-->
<ExtendedKeyUsage>
<ExtendedMatchKey>ClientAuth</ExtendedMatchKey>
<ExtendedMatchKey>ServerAuth</ExtendedMatchKey>
<CustomExtendedMatchKey>1.3.6.1.5.5.7.3.11</CustomExtendedMatchKey>
</ExtendedKeyUsage>
<!--
Certificate Distinguished Name matching allows for exact
match criteria in the choosing of acceptable client
certificates.
-->
<DistinguishedName>
<DistinguishedNameDefinition Operator="Equal" Wildcard="Enabled">
<Name>CN</Name>
<Pattern>ASASecurity</Pattern>
</DistinguishedNameDefinition>
<DistinguishedNameDefinition Operator="Equal" Wildcard="Disabled">
<Name>L</Name>
<Pattern>Boulder</Pattern>
</DistinguishedNameDefinition>
</DistinguishedName>
</CertificateMatch>
<!--
Collection of one or more backup servers to be used in case
the user selected one fails.
-->
<BackupServerList>
<!--
To Next Page
Loading...
Need help?
General