Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2028
Views
5
Helpful
2
Replies

Is there a way to temporary bypass MFA for a user?

JoeDante77
Level 1
Level 1

‎10-31-2022 05:34 AM

Hi guys, 

Our current setup is we get users to login to cisco anyconnect with their AD username and password then they get an alert to allow the connection via Microsoft Authenticator.

This is working fine however occasionally we have a situation where a user has no phone available and cannot connect to VPN.
I am wondering if there's a way to temporarily bypass using the Microsoft Authenticator app when connecting to the VPN?

Labels:
0 Helpful
2 Replies 2

balaji.bandi
Hall of Fame
Hall of Fame

‎10-31-2022 05:40 AM - edited ‎10-31-2022 05:42 AM

There is no option for temporarly allow. if you see this is more and more users - You need to create a new profile and add that user in to that profile not to use MFA. (but this is permanent).

bare in mind removing MFA is secure threat, that means any one who knows that username and password can login, that is the reason MFA was introduced to secure.

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-31-2022 07:23 AM - edited ‎10-31-2022 07:23 AM

For a given connection profile, this can only be done by an admin of the organization's Azure instance. They would need to go in and configure a one-time bypass for that user.

https://cloudacademy.com/course/implementing-multi-factor-authentication/configure-bypass-options/

Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card