le 11-10-2023 05:17 AM
Hi All,
I am in the process of rolling out SBL and in the testing I realised that it works perfectly from the device logon screen. However, once I am logged in to the device, if I choose the SBL option from the Cisco AnyConnect dropdown list, I can connect to the VPN without any form of authentication...
Is there a way to configure this so that the SBL function is only available from the logon screen, or similarly the XML profile self-destructs after the first login to the device?
Thanks!
le 11-10-2023 08:27 AM
Some sort of authentication must be happening - it could be transparent to the end user depending on the system settings (for example, using certificate or some sort of SSO method).
Check your headend firewall and/or AAA server to see what it says about that in the logs and configuration.
le 11-10-2023 08:32 AM
Thanks for the reply Marvin, you are right there is authentication happening, probably my poor wording!
My test device as an example... that has the SBL cert installed as well as the SBL XML profile. So i guess the cert is the authentication, however is there a way to configure it so that the authentication is required manually from the user? We have MFA for Cisco configured which works perfectly, but if a user chooses the SBL option from the dropdown then they can connect to the VPN without any form of MFA / password / manual authentication. This is exactly how we want it from the logon screen, but not once the device is logged in to.
Hopefully that explains it a bit better
le 11-10-2023 09:10 AM
Ah ok. It sounds like you have SBL published as a selectable URL connection profile (tunnel-group). You could hide that but embed it in the client profile xml file so that it is automatically selected by SBL but not visible as a choice when logging on interactively.
le 12-07-2023 01:01 PM
Is there a way we can have SBL VPN automatically connect without login or any kind of user input (not even a laptop in laptop screen click ! ) ??
Découvrez et enregistrez vos notes préférées. Revenez pour trouver les réponses d'experts, des guides étape par étape, des sujets récents et bien plus encore.
Êtes-vous nouveau ici? Commencez par ces conseils. Comment utiliser la communauté Guide pour les nouveaux membres