03-09-2020 11:47 AM
When using AnyCOnnect 4.7 the embedded browser use IE when authenticating with SAML. This causes issues in that we get 500 errors with first login. In addition, when connected to DUO/MFA , IE won't render all of the HRML correctly and we can't enter the code when users select token as an option. Any ideas on how to use a different embedded browser?
03-16-2020 11:42 AM
Hi,
Have you tried changing the "default browser" of the operating system?
Regards,
Cristian Matei.
03-16-2020 12:16 PM
03-16-2020 01:01 PM
Hi,
Are you using Windows 7 an IE 11 minimum? It seems it has to be IE on Windows devices.
Regards,
Cristian Matei.
03-16-2020 01:45 PM
09-14-2020 08:01 PM - edited 09-14-2020 08:02 PM
Same issues here. I haven't found a way to change the embedded browser of the AnyConnect client to something other than IE. You can lean on your account rep or Duo Success Team since Duo has been acquired by Cisco and can internally escalate a feature request.
The embedded IE browser is a poor choice to use by a company that specializes in security in my opinion. At least let us use a browser that supports FIDO2/webauthn for modern security and cert-based security keys.
-Buster
07-28-2022 04:36 PM
Has this been fixed/updated in 4.10 client to use Edge, Chrome, Safari or Firefox?
07-29-2022 10:33 AM
Hi Mel,
AnyConnect 4.10.05095 now defaults to using WebView2 for the embedded browser assuming the runtime is installed on the PC. Please see the release notes.
This is a maintenance release that includes the following enhancements, and that resolves the defects described in AnyConnect 4.10.05095.
On Windows, the AnyConnect embedded browser now defaults to WebView2, as long as the WebView2 runtime is installed. If you need to revert back to the legacy embedded browser control, add DWORD registry value UseLegacyEmbeddedBrowser set to 1 to one of the following registry keys:
(64-bit machine) Computer\HKEY_LOCAL_MACHINE\SOFTWARE\WOW6432Node\Cisco\Cisco AnyConnect Secure Mobility Client
(32-bit machine) Computer\HKEY_LOCAL_MACHINE\SOFTWARE\Cisco\Cisco AnyConnect Secure Mobility Client
(32-bit or 64-bit machine) Computer\HKEY_CURRENT_USER\SOFTWARE\Cisco\Cisco AnyConnect Secure Mobility Client
12-15-2022 07:03 AM
Hi
although it's an old topic, I would like to add the following:
1. from AnyConnect 4.6 to AnyConnect 4.10.03104 an enhanced version of SAML integration with an Embedded Browser has replaced the Native (External) Browser Integration from previous releases.
2. AnyConnect 4.10.04065 supports AnyConnect VPN SAML External Browser (as an optional add-on, via the External Browser Package external-sso-4.10.04065-webdeploy-k9.pkg)
3. since AnyConnect 4.10.04071 you don't need the External Browser Package
4. since AnyConnect 4.10.05095, on Windows, the AnyConnect Embedded Browser is Microsoft Edge WebView2
5. for SAML External Browser use, you MUST perform configuration using:
. ASA 9.17.1+ (via CLI command external-browser enable in the config-tunnel-webvpn mode)
. ASDM 7.17.1+
. FDM 7.1+
Please take a look at the Post: SAML External Browser with ASA 9.14 and Anyconnect 4.10.
Hope this helps !!!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide