Add Connection Profiles to Cisco AnyConnect Secure Mobility Client

August 19, 2014

I enjoy the new VPN client, it’s small and fast, however I hated that you can’t save profiles in the drop down list like you could in the traditional VPN client.

VPNNoProfile

This has been bothering for a long time and kept finding conflicting information on if this was possible or not. Finally got it to work.

VPNProfiles

This is for version 3.1x and Windows 7 let me know if this works for your version and OS.

  • Create a preferences.xml file in C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client\Profile\
  • Use this format

<?xml version="1.0" encoding="UTF-8"?>

<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/">
<ServerList>
     <HostEntry>
          <User>dclouduser</User>
          <SecondUser></SecondUser>
          <ClientCertificateThumbprint></ClientCertificateThumbprint>
          <ServerCertificateThumbprint></ServerCertificateThumbprint>
          <HostName>dCloud</HostName>
          <HostAddress>dcloud-rtp-anyconnect.cisco.com</HostAddress>
          <Domain></Domain>
          <Group>ssl_url</Group>
          <ProxyHost></ProxyHost>
          <ProxyPort></ProxyPort>
          <SDITokenType>none</SDITokenType>
          <ControllablePreferences>
          <LocalLanAccess>true</LocalLanAccess></ControllablePreferences>
     </HostEntry>

     <HostEntry>
          <User>dmacias</User>
          <SecondUser></SecondUser>
          <ClientCertificateThumbprint></ClientCertificateThumbprint>
          <ServerCertificateThumbprint></ServerCertificateThumbprint>
          <HostName>Speech-Soft</HostName>
          <HostAddress>vpn.dmacias.com</HostAddress>
          <Domain></Domain>
          <Group>ssl_url</Group>
          <ProxyHost></ProxyHost>
          <ProxyPort></ProxyPort>
          <SDITokenType>none</SDITokenType>
          <ControllablePreferences>
          <LocalLanAccess>true</LocalLanAccess></ControllablePreferences>
     </HostEntry>
</ServerList>

</AnyConnectProfile>

  • Save the file.
  • Restart the connectivity client.
  • Enjoy

~david

EDIT 01/18/2017: This also works with Cisco AnyConnect 4.x!

43 Comments to "Add Connection Profiles to Cisco AnyConnect Secure Mobility Client"

  1. Greg wrote:

    Thank you! This had been driving me crazy – I needed to replace my exisiting servers with a new one. I had been typing in the address manually every time. These instructions fixed my issue.

  2. dmacias wrote:

    Glad to hear it worked for you!

  3. Dario wrote:

    Not working for me in a XP

  4. dmacias wrote:

    What happens when you try this on XP?

  5. keeky wrote:

    add profile.xml same path also works, however, no idea why username can not be remembered。。。

  6. dmacias wrote:

    The username should save also. Did you use the format above?

  7. Siraz wrote:

    Thank you..
    It has been driving me crazy for a long time to replace with a new connection.

    Appreciate!

  8. Dreal wrote:

    I also noticed that there was persistent entry in anyconnect after using your workaround. The persistent entry was found one directory up in the global preferences xml. Thank you for this how-to!

  9. dmacias wrote:

    Glad to hear it worked for you, good tip on the persistent entry.

  10. Torben wrote:

    Same problem here. Username is taken from last connection and not from the xml file?

  11. Diego wrote:

    It also working for me to load HostName and HostAddress, but not the user. It keeps getting the username from the tag in C:\Users\(user)\AppData\Local\Cisco\Cisco AnyConnect Secure Mobility Client\preferences.xml
    Any idea why it works like that?
    Thanks!

  12. dmacias wrote:

    No, I’ve not had a chance to play with it to see if the username can be retrieved based on the drop down.

  13. Kaash wrote:

    Thanks a ton !!!!!!! :-) worked for me in Win 7

  14. Jim wrote:

    So did anyone get the username to be retrieved based on drop down? That seems to be cached and cannot get to work. Any help appreciated.

  15. Igor wrote:

    Having same issue with user. It keeps remembering user from different profile

  16. RickM wrote:

    I’m using MS Visual Studio Tools for Applications to edit the profile xml and it tells me that USER is an invalid child element for in namespace http://schemas.xmlsoap.org/encoding

  17. dmacias wrote:

    Rick,

    User is not going to do anything for you. You’ll only be able to save the connection address.

  18. RickM wrote:

    The original posted answer showed:

    dclouduser
    ssl_url

    I do get a drop down using:
    dCloud
    dcloud-rtp-anyconnect.cisco.com

    I was hoping user and group would also come up when selecting hostname from the drop down.

    That looks like what everyone was asking about.

    Is there no way to get username and group from an xml?

  19. dmacias wrote:

    Yeah seems like username and group don’t come from this file, which is a shame.

  20. RickM wrote:

    So, did CISCO provide a way for use to have user and group or any other user attributes associated with a hostname?

  21. Igor wrote:

    Thanks a lot for the help! I was trying to find solution couple days already, and yours work!!! How did you find it yourself man? I do not see it in Cisco official f@king docs )

  22. dmacias wrote:

    I suspect I ran across it on the support forums, honestly it’s been forever. Certainly something Cisco should look into implementing as this seems to be my most popular post. Glad it helped you out.

  23. JimC wrote:

    Thanks for posting! Works with version 3.1.x and Windows 10. Like others, this has saved a lot of frustration in what seems like a simple thing of remembering connection info.

  24. [Repost] Add Connection Profiles to Cisco AnyConnect Secure Mobility Client | Process Studio wrote:

    […] comments via the RSS Feed | Leave a comment | Trackback […]

  25. JR wrote:

    I know it is old but was also very helpful to me. Thanks for posting. (Windows10)

  26. AndresC wrote:

    This does not work for me with version 4.2.01022 on Windows 7 Pro SP1.

    The last session does not work for me by default. I also do not even have a profile directory. I created one and added the xml file, but that did not work unfortunately.

  27. dmacias wrote:

    I’ll check out your version and see if I can get it to work. Thanks for the update.

  28. tomfreakz wrote:

    Sorry, please delete my previous comments.

    Hi, I’m using mac,
    with Cisco AnyConnect 4.3.03086

    To add new profile,
    I just create new xml file under directory
    /opt/cisco/anyconnect/profile/

    I name it myprofile.xml

    Then inside my xml file, you may type your connection name and ip address, inside this xml tag.

    You may look on my codepen.
    Looks like this blog comment doesn’t allow html/xml tag script

    http://codepen.io/tomfreakz/pen/WRwOBE

    It works on my mac.
    What about you? :)

  29. David wrote:

    Thank you so much. This saved me a lot of frustration.

  30. dmacias wrote:

    AndresC, unfortunately I don’t have access to AnyConnect 4.x. Sorry.

  31. dmacias wrote:

    Actually look at tomfreakz reply, his 4.x client works on Mac, so maybe it should work on Windows too.

  32. Thomas wrote:

    @tomfreakz: Hey, just tried your solution for Mac but unfortunetaly this doesnt work for me. It simply does not appear in the VPN drop down menu. Any clue?

  33. quantum wrote:

    Thanks dmacias & tomfreakz, this site was extremely helpful.

    I’ve confirmed tomfreakz’s solution works for Mac OS (Sierra) with Cisco AnyConnect client v4.2

  34. Fer M wrote:

    It worked for me. Thank you sir!

  35. Philip S wrote:

    Thank dmacias

    I’m using it with AnyConnect 3.1 on a Windows 10 1703 Client and it works great for me

    Philip

  36. dmacias wrote:

    Excellent news man!

  37. Cassandra wrote:

    Hey sorry for the newbie question, I’m not a coder. Can you highlight the areas where I plug the two URLs for the two profiles? This seems simple enough if I know what to replace, but the one URL at the beginning is throwing me off. What goes there? (http://Schemas…) Thank you.

  38. dmacias wrote:

    Cassandra,

    Look at the following two lines inside of the XML block:


    <HostName>Speech-Soft</HostName>
    <HostAddress>vpn.dmacias.com</HostAddress>

    Let me know if this doens’t help.

  39. dmacias wrote:

    I’ve looked but there isn’t.

  40. Rick Melton wrote:

    I have 2 URLs working, but each has a different group and username. Is there a way to get those to come up when I select that URL.

  41. Rick Melton wrote:

    Bummer!

  42. Eugene wrote:

    Directory to place profiles.xml at Linux OS is the same as Mac’s: /opt/cisco/anyconnect/profile/

  43. Chuck wrote:

    Dmacias – great solution on Win 7. thanks so much. Let us know when you figure out how to bring in the username!

Leave Your Comment

 
Powered by Wordpress and MySQL. Theme by Shlomi Noach, openark.org