We are trying to configure AnyConnect to work with Azure AD MFA with push to accept. We have a RADIUS tunnel-group that points to our domain controller. The RADIUS server has the Azure extensions installed and MFA is in fact working. The problem is that AnyConnect will prompt the user for the One-Time PIN from the Microsoft Authenticator app. We would prefer to have push to accept working. Does anyone have an idea if this is possible or where I would go about making this configuration change? I feel like I'm 95% of the way there with the OTP working
I was able to solve the problem. There is a setting on the Azure port where you can change the method of authentication that the app will use. I toggled this over to "notification" and AnyConnect works as desired.
I was able to solve the problem. There is a setting on the Azure port where you can change the method of authentication that the app will use. I toggled this over to "notification" and AnyConnect works as desired.
Can you share where exactly in Azure this setting is?
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:
