On 11/04/14 16:10, Kevin Cernekee wrote: > Your authgroup can be set a couple of ways: > > - Through the dropdown (which doesn't seem to be enabled here) > - From a group-url, e.g. https://vpn.foobar.com/mygroup > - From your client cert Option 2 is a winner! I don't know what they changed on the server, but adding the authgroup to the url fixes the problem. > For the latter item, we did see some cases where the client cert would > not be requested. You can try --no-http-keepalive as a quick > workaround. That just causes it to repeat "Refreshing +CSCOE+/sdesktop/wait.html after 1 second..." seemingly forever. It was very reminiscent of the bad old days, but didn't appear to work around the problem. > Does the official Linux Anyconnect client work? Which version? I only tried the official client on Windows. I don't really want to let that stuff near my real computer. ;-) Thanks very much. My problem is solved. Andrew
