Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
3281
Views
3
Helpful
4
Replies

Cache user login credentials when using Azure MFA with AnyConnect

Go to solution
Hullabaloo
Level 1
Level 1

‎07-24-2023 12:55 PM

Is there a way to cache user login credentials when using Azure MFA with AnyConnect?

We are just starting our journey with AnyConnect and have it working fine with Azure MFA.  However each time the user connects to VPN, they have to re-enter their credentials.  We'd prefer these be cached so the user just received the MFA prompt in their authenticator app.

2 people had this problem
Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
marce1000
Hall of Fame
Hall of Fame

‎07-25-2023 01:13 AM

 

 


  -                                                     Check if this can work for you  : 
                   Enable the "Keep me signed in" option in the AnyConnect VPN client. This option will allow the client to store the user's credentials in a local cache, so they do not have to re-enter them each time they connect to the VPN.

To enable the "Keep me signed in" option, follow these steps:

Open the AnyConnect VPN client.
Click on the Options button.
Click on the Advanced tab.
Check the box next to Keep me signed in.
Click on the OK button.

Once you have enabled the "Keep me signed in" option, the user's credentials will be cached in the AnyConnect VPN client. The next time the user connects to the VPN, they will be prompted to enter their MFA code, but they will not need to re-enter their username and password.

Here are some additional things to keep in mind:

The "Keep me signed in" option is only available for users who are authenticated with Azure MFA.
The cached credentials will expire after a certain period of time, which is determined by the AnyConnect policy.
If the user's password changes, the cached credentials will be invalidated.

  M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '

View solution in original post

0 Helpful
4 Replies 4

Go to solution
marce1000
Hall of Fame
Hall of Fame

‎07-25-2023 01:13 AM

 

 


  -                                                     Check if this can work for you  : 
                   Enable the "Keep me signed in" option in the AnyConnect VPN client. This option will allow the client to store the user's credentials in a local cache, so they do not have to re-enter them each time they connect to the VPN.

To enable the "Keep me signed in" option, follow these steps:

Open the AnyConnect VPN client.
Click on the Options button.
Click on the Advanced tab.
Check the box next to Keep me signed in.
Click on the OK button.

Once you have enabled the "Keep me signed in" option, the user's credentials will be cached in the AnyConnect VPN client. The next time the user connects to the VPN, they will be prompted to enter their MFA code, but they will not need to re-enter their username and password.

Here are some additional things to keep in mind:

The "Keep me signed in" option is only available for users who are authenticated with Azure MFA.
The cached credentials will expire after a certain period of time, which is determined by the AnyConnect policy.
If the user's password changes, the cached credentials will be invalidated.

  M.



-- Each morning when I wake up and look into the mirror I always say ' Why am I so brilliant ? '
    When the mirror will then always repond to me with ' The only thing that exceeds your brilliance is your beauty! '
0 Helpful

Go to solution
qrahaon
Level 1
Level 1
In response to marce1000

‎11-23-2023 11:41 PM

Hi marce1000,

Your answer regarding credentials is exactly what we are looking for.

However, I can't find the settings you're referring to. Do you know if the option still exists in AnyConnect or has it been removed?

Go to solution
Hullabaloo
Level 1
Level 1

‎07-25-2023 08:19 AM

Thank you so much !

Really appreciate your detailed response.

Go to solution
Leon1
Level 1
Level 1

‎03-12-2024 12:49 AM

Such an option does not exist. Not in AnyConnect and not in Cisco Secure Client.

0 Helpful
Top