02-12-2017 02:31 PM - edited 02-21-2020 09:09 PM
Hi Team,
We got a requirement is to make the anyconnect to Autoconnect to our network whenever the PC Restarts or the Internet link Disconnects. So is there any way to Remeber the Password in Anyconnect Software and making it to Auto connect whenever there is Distruption in the Network. We are running the latest version Anyconnect 4.X.
Kindly request your expertise advice on this.
Thank you,
-Vishnu
Solved! Go to Solution.
02-12-2017 03:26 PM
You can use Always On with Trusted Network detection feature of Anyconnect to have the client connect automatically when on an untrusted network.
http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect44/administration/guide/b_AnyConnect_Administrator_Guide_4-4/configure-vpn.html#ID-1428-000001c7
Regarding saving password, this is not possible. In order to have a seamless user experience, you would need to use client certificates to authenticate the user instead of username and password authentication.
02-12-2017 03:26 PM
You can use Always On with Trusted Network detection feature of Anyconnect to have the client connect automatically when on an untrusted network.
http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect44/administration/guide/b_AnyConnect_Administrator_Guide_4-4/configure-vpn.html#ID-1428-000001c7
Regarding saving password, this is not possible. In order to have a seamless user experience, you would need to use client certificates to authenticate the user instead of username and password authentication.
02-12-2017 03:40 PM
Thanks a lot Rahul !!!
So we will enable the Always ON feature and test with the Certificate Authentication.
We got a Internal CA Server in the network. So to configure the Certificate based authentication, we need to import the root Certificate in to ASA. And sign the Certificate for individual PC's with this Certificate right ?
Do you have any document for the Certificate Based Authentication and how we can obtain a certificate for the END host.
Thank you,
-Vishnu
02-12-2017 03:55 PM
You are correct. The ASA will have the root cert and end users will have client certificates.
You can use SCEP Proxy feature on the ASA to automate end user certificate enrollment. The Admin guide should have the certificate enrollment configuration steps:
http://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect44/administration/guide/b_AnyConnect_Administrator_Guide_4-4/configure-vpn.html
Another option is to use GPO to issue client certificates to users.
02-12-2017 03:58 PM
Thanks again, will follow the same and update the status.
Thank you,
-Vishnu
08-06-2020 10:07 PM
thanks Rahul
01-25-2022 03:25 AM
Since storing the credentials is currently not possible, I created a new question asking for support: https://community.cisco.com/t5/vpn/anyconnect-store-authentication-credentials-for-auto-login/m-p/4538060
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide