I've managed to make Anyconnect for Win stop from asking for multi-factor - you add your AAD account as "work or school account" and Anyconnect finds it, you tap "connect", then choose your account and VPN's connected.
Is there a way to perform the same maneuver for Linux (say Ubuntu 20) and Mac? I don't see a way to add Office365 account to these.
I did integration of AnyConnect with AAD using SAML before. However, these were corporate devices, which were enrolled in Intune (equivalent of AD Join for on-prem infrastructure), so no workaround was required (no manual account adding was required).
Same way, we did integration for Mac devices as well, as those too are managed by Intune, and SSO works on Mac same way as on Windows.
I don't know if Linux is also Intune manageable, but, if it is, I would expect same behavior like on any other OS for SSO.
Either way, this is more of a question for operating system than it is for AnyConnect.
Site to Site IPSec VPN with Dynamic IP Endpoint is typically used when we have a branch sites which obtains a dynamic public IP from the Internet ISP. For example an ADSL connection.One important note is that Site-to-Site VPN with Dynamic remote routers P...
On R1, configure a key ring that defines the peer R3:Address: 184.108.40.206Local and remote pre-shared key: cisco R1(config)#crypto ikev2 keyring KRR1(config-ikev2-keyring)# peer R3R1(config-ikev2-keyring-peer)# address 220.127.116.11R1(config-ikev2-keyring-pee...
This document shows how to use the Port Radius NAS PORT Id Attribute in a compound condition to control access with 802.1X.A user jdoe is allowed to access the network only through the physical port FastEthernet 0/1 of the switch and the user jwhite is al...
This document provides a configuration example of Security Assertion Markup Language (SAML) Authentication on FTD managed over FDM. The configuration allows Anyconnect users to establish a VPN session authenticating with a SAML Identity Serv...
DMVPN Dual Hub Dual Cloud Pros and ConsProsNo single point of failureQuick failover if routing protocols are tunedLoad balancing is easyTraffic engineering is easyEasy to work with multiple ISPsConsNeed 2 tunnels per spokeConfiguration is more complicated...