Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
697
Views
0
Helpful
1
Replies

Force Anyconnect to connect after windows login

sam cook
Spotlight
Spotlight

‎10-17-2018 04:25 AM - edited ‎02-21-2020 09:29 PM

Hi,

 

Can any one help me to find out how to Force Anyconnect to connect  automatically after windows login using xml profile and certificate authentication ?

 

the action should be completly transparent to enduser .

 

thank you in advance 

 

regards, 

Labels:
0 Helpful
1 Reply 1

Rahul Govindan
VIP Alumni
VIP Alumni

‎10-17-2018 05:21 AM

I would recommend using the Trusted Network detection and Always-On feature of Anyconnect. When Anyconnect detects that the user is not on an internal trusted domain, it can force a connection to the ASA head-end specified in the xml profile. If you set up certificate authentication on the ASA tunnel-group, then this would be seamless to the user as well. 

 

A good example is given in the video below:

http://www.labminutes.com/sec0135_ssl_vpn_anyconnect_secure_mobility_always_on_vpn

 

This is also explained here:

https://www.cisco.com/c/en/us/td/docs/security/vpn_client/anyconnect/anyconnect40/administration/guide/b_AnyConnect_Administrator_Guide_4-0/configure-vpn.html#topic_BD02A53E0A714E23A56850698C830A6C

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents