Connect to Untrusted VPN Server using Cisco AnyConnect via command line in Windows
AnyConnect's behavior with untrusted server handling is detailed in the admin guide. Please refer to it for details.
If your client is configured to block connections to untrusted servers, first your input text needs to be modified to change the preference to accept connections. This is the case of handling the red prompt (Untrusted error) as mentioned in the admin guide. Text input -
connect <vpn2.some.host>
y
y
Once you saved the preference, you have to re-initiate the connection. This time client will provide options to continue connection and import the certificate as well. Among other certificate errors, AnyConnect will allow user to import the certificate only if the source is untrusted. For example, if the certificate is expired, user can not import the certificate. This is the case of handling the white prompt (Untrusted warning).
In your text input, you are actually missing the input for importing the certificate. So, try -
connect <vpn2.some.host>
y
n
<GROUP>
<LOGIN>
<PASSWORD>
If you wish to import the certificate, replace n
with y
. Since your certificate is already imported, for future connections your input text will look just like the first one (i.e., trusted certificate). Hope this is helpful.