Buy or Renew
Buy or Renew
NEW! Stay up-to-date on Cisco Secure Access: Software Release Notes and Announcements
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
761
Views
0
Helpful
2
Replies

2FA with PINGid worked in 9.6.2, but not 9.8.2

tahscolony
Level 1
Level 1

‎08-20-2018 07:54 AM

I had MFA setup with Anyconnect working, had to disable temporarily while doing a move to get regular users ability to VPN, and now that we are fully migrated, want to enable the 2FA permanently, however, in doing patching, the firewall was upgraded to 9.8 and now when enabling the policy for 2FA VPN, it prompts for 2 usernames (which I found where to disable) and 2 passwords. How do I eliminate that second password since PINGid is used for the second factor, and is still working, but that second password field is causing login failure.

Labels:
0 Helpful
2 Replies 2

Dennis Mink
VIP Alumni
VIP Alumni

‎08-22-2018 02:29 AM

can you please share relevant configuration,

 

thanks

Please remember to rate useful posts, by clicking on the stars below.

0 Helpful

tahscolony
Level 1
Level 1
In response to Dennis Mink

‎08-22-2018 05:32 AM

I found the issue, somehow second auth was configured on the tunnel group. The other issue is with Ping. I had found a bug in 9.8.2.38 with flash being locked and rolled back to 9.6.2, the configuration was still there, so digging through CLI I found the second auth and removed it. Now I get the normal auth popup I am looking for.  Now to figure out why PING is rejecting my password.

0 Helpful
Customers Also Viewed These Support Documents