cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
135
Views
0
Helpful
0
Replies
Highlighted
Beginner

AnyConnect SBL combined with SAML user authentication?

We are configuring users to sign into AnyConnect using SAML SSO plus Duo MFA after logging into Windows. 

I have heard that this SSO method doesn’t work with the SBL users may need to use if they don’t have cached credentials. 

 

What options are available for pre-login VPN access for these users?

 

Can SBL be setup with a different profile that only accesses the login servers and uses machine certificates as authentication and then, after login, they disconnect and log in using their SAML SSO if they want to access additional internal resources?

Can Management VPN tunnel pre-logon be combined with SAML SSO after logging into their Windows profile?

 

Is there a better option? 

 

 

Everyone's tags (1)