Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1834
Views
15
Helpful
3
Replies

Disable Active Session AnyConnect

vladb2
Level 1
Level 1

‎10-26-2020 09:26 AM

Hello, 

 

Assuming I identify an user with a compromised account, is there any way to disable his active Cisco AnyConnect VPN sessions?

 

Thanks!

Labels:
0 Helpful
3 Replies 3

Rob Ingram
VIP
VIP

‎10-26-2020 09:30 AM

Hi @vladb2 

How is this user authenticated? If using username/password either with a local account on the ASA or LDAP/Active Directory, just disable the account and that should stop them authenticating on the VPN.

HTH

Aref Alsouqi
VIP
VIP

‎10-26-2020 10:06 AM

If you want to end an active user session, use the command vpn-sessiondb logoff name <the username of that session>.

Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-26-2020 10:28 AM

What @Aref Alsouqi said will kill the current session. Before doing that also be sure to deactivate the account in whatever aaa server method(s) is/are used (local, AD etc.) as @Rob Ingram noted.

Customers Also Viewed These Support Documents