I can find a bunch of documentation on how to install an on premise Azure MFA server however we are already setup for the cloud version of MFA and don't want to migrate on premise with that. I would like to integrate our Cisco ASA VPNs using Cisco AnyConnect Secure Mobility client to use the cloud based Azure MFA and Microsoft Authenticator. Is this possible? Anyone tried this or point me in the right direction on the minimum amount of work to configure this setup?
Here it describes scenario for Citrix and asa
As of July 1, 2019, Microsoft will no longer offer MFA Server for new deployments. New customers who would like to require multi-factor authentication from their users should use cloud-based Azure Multi-Factor Authentication. Existing customers who have activated MFA Server prior to July 1 will be able to download the latest version, future updates and generate activation credentials as usual.
How did you get around with expired password? NPS extension doesn't support renewing expired password. Users are not getting the prompt to renew their password when they login to Anyconnect with Azure MFA