Using SSO / Cached Credentials with MFA
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-23-2024 01:47 AM
Hi,
I have configured MFA authentication for the Cisco AnyConnect VPN, however it still requires the full email and password each time, prior to sending the MFA prompt.
Is there a way to configure AnyConnect to use the credentials on the machine so that the user is only required to authenticate using the MFA prompt, and not a full logon as well.
Thanks!
- Labels:
-
Other Network Security Topics
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
01-25-2024 03:15 PM
As far as I know you cannot pass the machine credentials to AnyConnect on login. An option could be to use certificate authentication with SAML. Then you users would not need to enter username and password, but still be required to perform dual authentication.
Please remember to select a correct answer and rate helpful posts
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
03-03-2024 10:57 PM
I just set up Cisco AnyConnect with Azure MFA and at our clients the cached/stored credentials for Teams or Outlook are getting passed to AnyConnect. So, you click "connect" and the connection is build up. If you use a notebook without any Teams or Outlook profile, you get asked for username/password and the MFA token. I am looking for how to get this removed.
