Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3356
Views
10
Helpful
1
Replies

AnyConnect SBL combined with SAML user authentication?

webabc123
Level 1
Level 1

‎07-31-2020 12:23 PM - edited ‎07-31-2020 12:25 PM

We are configuring users to sign into AnyConnect using SAML SSO plus Duo MFA after logging into Windows. 

I have heard that this SSO method doesn’t work with the SBL users may need to use if they don’t have cached credentials. 

 

What options are available for pre-login VPN access for these users?

 

Can SBL be setup with a different profile that only accesses the login servers and uses machine certificates as authentication and then, after login, they disconnect and log in using their SAML SSO if they want to access additional internal resources?

Can Management VPN tunnel pre-logon be combined with SAML SSO after logging into their Windows profile?

 

Is there a better option? 

 

 

18 people had this problem
Labels:
1 Reply 1

joris.van.antwerpen
Level 1
Level 1

‎03-08-2022 12:27 AM

Is there any progress on this? It would be very nice if the user can use the same SAML login page from the Windows Login screen, when using SBL. We now run into issues that after a password reset, still people cannot login to their laptop, as their reset domain password is not synced to the laptop. For that we need the VPN SBL feature, which doesn't support our SAML login.

Customers Also Viewed These Support Documents