To troubleshoot why your Cisco VPN is not asking for a CAC pin, you can follow the steps below:

1. Check if the CAC pin requirement is enabled on the ASA:
- Open the VPN Profile Editor and choose Preferences (Part 1) from the navigation pane.
- Make sure the "Enable CAC" option is checked.

2. Verify that the CAC card reader is properly connected to the computer and functioning correctly. Ensure that the card reader drivers are installed and up to date.

3. Check if the correct certificates are installed on the computer. The CAC card should have a valid client certificate that is trusted by the ASA. You can check this by opening the Certificate Manager on the computer and navigating to the "Personal" certificate store. Ensure that the CAC certificate is present.

4. Verify that the AnyConnect client is configured to use CAC authentication:
- Open the VPN Profile Editor and choose Authentication ) Certificate in the navigation pane.
- Make sure that "Certificate" is selected as the primary authentication method.
- Ensure that the correct certificate is selected in the Certificate field.

5. Ensure that the AnyConnect client is up to date. Check for any available updates on the Cisco website and download/install them if necessary.

If the above steps do not resolve the issue, you may need to consult with your IT department or contact Cisco support for further assistance.