07-24-2023 12:55 PM
Is there a way to cache user login credentials when using Azure MFA with AnyConnect?
We are just starting our journey with AnyConnect and have it working fine with Azure MFA. However each time the user connects to VPN, they have to re-enter their credentials. We'd prefer these be cached so the user just received the MFA prompt in their authenticator app.
Solved! Go to Solution.
07-25-2023 01:13 AM
- Check if this can work for you :
Enable the "Keep me signed in" option in the AnyConnect VPN client. This option will allow the client to store the user's credentials in a local cache, so they do not have to re-enter them each time they connect to the VPN.
To enable the "Keep me signed in" option, follow these steps:
Open the AnyConnect VPN client.
Click on the Options button.
Click on the Advanced tab.
Check the box next to Keep me signed in.
Click on the OK button.
Once you have enabled the "Keep me signed in" option, the user's credentials will be cached in the AnyConnect VPN client. The next time the user connects to the VPN, they will be prompted to enter their MFA code, but they will not need to re-enter their username and password.
Here are some additional things to keep in mind:
The "Keep me signed in" option is only available for users who are authenticated with Azure MFA.
The cached credentials will expire after a certain period of time, which is determined by the AnyConnect policy.
If the user's password changes, the cached credentials will be invalidated.
M.
07-25-2023 01:13 AM
- Check if this can work for you :
Enable the "Keep me signed in" option in the AnyConnect VPN client. This option will allow the client to store the user's credentials in a local cache, so they do not have to re-enter them each time they connect to the VPN.
To enable the "Keep me signed in" option, follow these steps:
Open the AnyConnect VPN client.
Click on the Options button.
Click on the Advanced tab.
Check the box next to Keep me signed in.
Click on the OK button.
Once you have enabled the "Keep me signed in" option, the user's credentials will be cached in the AnyConnect VPN client. The next time the user connects to the VPN, they will be prompted to enter their MFA code, but they will not need to re-enter their username and password.
Here are some additional things to keep in mind:
The "Keep me signed in" option is only available for users who are authenticated with Azure MFA.
The cached credentials will expire after a certain period of time, which is determined by the AnyConnect policy.
If the user's password changes, the cached credentials will be invalidated.
M.
11-23-2023 11:41 PM
Hi marce1000,
Your answer regarding credentials is exactly what we are looking for.
However, I can't find the settings you're referring to. Do you know if the option still exists in AnyConnect or has it been removed?
07-25-2023 08:19 AM
Thank you so much !
Really appreciate your detailed response.
03-12-2024 12:49 AM
Such an option does not exist. Not in AnyConnect and not in Cisco Secure Client.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide