Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
628
Views
0
Helpful
7
Replies

Cisco AnyConnect not prompting for username, password and MFA

SatishJ11
Level 1
Level 1

‎08-23-2024 05:51 AM - edited ‎08-23-2024 05:52 AM

Hi All,

Last week I have upgraded by ASAv Firewall from 9-20-2-22 to 9-20-3 post that AnyConnect is not prompting for username, password and MFA(SAML) are not prompting for corporate laptops, if I access the VPN URL from external VPN prompts for username, password followed by MFA. Did anyone face this issue ? And if I want to enable authentication what needs to be done ?

Regards,

SJ

Labels:
0 Helpful
7 Replies 7

ccieexpert
Spotlight
Spotlight

‎08-23-2024 11:59 AM

you mean when you access it from a browser it works fine ? please attach a DART https://www.cisco.com/c/en/us/support/docs/security/secure-client/221919-collect-dart-bundle-for-secure-client.html

also any screenshots of what the ui is showing ?

0 Helpful

SatishJ11
Level 1
Level 1
In response to ccieexpert

‎08-26-2024 04:04 AM

I mean to say if I access my VPN URL with FQDN in Cisco AnyConnect client, for corporate laptops it's not asking for username, password and MFA. It's official so I will not be able to share DART.

0 Helpful

Marius Gunnerud
VIP
VIP
In response to SatishJ11

‎08-26-2024 06:03 AM

Interesting, I do know that sometimes you need to remove and add back the SAML configuration to make it work again.  Have you done that? 

--
Please remember to select a correct answer and rate helpful posts
0 Helpful

SatishJ11
Level 1
Level 1
In response to Marius Gunnerud

‎08-27-2024 05:17 AM

I can try this today and update here

0 Helpful

SatishJ11
Level 1
Level 1
In response to Marius Gunnerud

‎09-06-2024 12:43 AM

I have readded the SAML config under webvpn and tunnel-group, still no luck.

0 Helpful

ccieexpert
Spotlight
Spotlight
In response to SatishJ11

‎08-26-2024 09:36 AM

can you make sure this is enabled:

Request IDP re-authentication at login—Select this option for the user to re-authenticate at each login, rather than have the SAML server re-use a previous authentication session. This option is enabled by default.

Also, use a browser incognito window to browse to the same url and see if there is a redirection and prompt for user/password / mfa.

0 Helpful

SatishJ11
Level 1
Level 1
In response to ccieexpert

‎09-06-2024 12:45 AM

If I try in incognito window, VPN is asking for credentials.

What I could observe is that, that system which are connected to Windows like Microsoft Office 365 or say registered in Intune, those systems are getting connected to VPN automatically.

0 Helpful
Customers Also Viewed These Support Documents