Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
881
Views
0
Helpful
1
Replies

AnyConnect Remote Access VPN - Stay connected when smartcard removed

mattw
Level 1
Level 1

‎02-22-2022 03:43 AM

Hi,

We have a use case for Windows 10 tablets to connect to a remote access VPN using certificates.

This is working perfectly with machine certificate and user certificate on a USB smartcard (Yubikey).

The problem is that the VPN drops when the Yubikey smartcard is removed.

I fully understand that from a security perspective this is a good thing but the Yubikeys will be damaged quickly if permanently connected physically so we'd like to allow the RAVPN to stay up after the Yubikey is removed from the USB port.

I believe this was possible with the old IPSEC VPN client and ASA with a group-policy parameter called 'smartcard-removal-disconnect disable'

I found this enhancement request: https://bst.cloudapps.cisco.com/bugsearch/bug/CSCtf65383

Headend is FMC managed FTDv running 7.0.1.

Clients are using latest AnyConnect client.

Anybody know if this is possible?

Many thanks,

Matt.

1 person had this problem
Labels:
0 Helpful
1 Reply 1

mattw
Level 1
Level 1

‎02-24-2022 02:17 AM

*BUMP*

Anyone know if this is possible today?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents