Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2080
Views
15
Helpful
8
Replies

Start before logon feature

Go to solution
Xavier Lloyd
Level 1
Level 1

‎09-21-2012 11:30 AM

Hi All,

I have a customer who wants to do start before logon Anyconnect VPN. I can't find anything about the user experience. Is it possible to make the whole process transparent to the end user so that they only have to login once to Windows and it will take those credentials to login to Anyconnect as well? Do I have to use certificates for authentication? Also, are there any gotchyas I need to be aware of?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Javier Portuguez
Level 9
Level 9
In response to Xavier Lloyd

‎09-21-2012 02:01 PM

Xavier,

The user logs in normally, the client automatically downloads the Gina Module (SBL) and the XML profile with SBL option set to true (all this during the connection process).

So the user will not notice this process at all.

Keep me posted.

Portu.

Message was edited by: Javier Portuguez

View solution in original post

8 Replies 8

Go to solution
Javier Portuguez
Level 9
Level 9

‎09-21-2012 12:47 PM

Hello Lloyd,

Please check this out:

ASA 8.X: AnyConnect Start Before Logon Feature Configuration

Things to keep in mind:

Move all the related certificates to the machine certificate store.

Let me know if you have any questions.

Thanks.

Portu.

Please rate this post if you find it helpful.

Go to solution
Xavier Lloyd
Level 1
Level 1
In response to Javier Portuguez

‎09-21-2012 01:56 PM

Hi Javier,

Thanks for the response! I had seen this document already but I realised that it didn't really give me a good idea of the user experience when it is implemented. Does the user have to log in twice or just once? Is the Anyconnect transparent and can I configure it to be completely hidden from the end user? I think I've seen the config somewhere but I can't find it.

Thanks much!

- Xavier

0 Helpful

Go to solution
Javier Portuguez
Level 9
Level 9
In response to Xavier Lloyd

‎09-21-2012 02:01 PM

Xavier,

The user logs in normally, the client automatically downloads the Gina Module (SBL) and the XML profile with SBL option set to true (all this during the connection process).

So the user will not notice this process at all.

Keep me posted.

Portu.

Message was edited by: Javier Portuguez

Go to solution
Xavier Lloyd
Level 1
Level 1
In response to Javier Portuguez

‎09-24-2012 07:31 AM

Thanks for the info, I'm going to try to test this in house.

Go to solution
Javier Portuguez
Level 9
Level 9
In response to Xavier Lloyd

‎09-24-2012 07:41 AM

Awesome, feel free me to ping me back at any time.

Have a good one.

Take care.

0 Helpful

Go to solution
Xavier Lloyd
Level 1
Level 1
In response to Javier Portuguez

‎10-01-2012 09:34 PM

Hi Javier,

I configured the SBL feature and almost got it working. I think there's an issue with my certificate setup so once I resolve that I should be fine. One thing though...I was wondering if there's a way to connect the VPN without any user interaction at all. Currently, I'll still need to click the VPN connect button after I press ctrl+alt+del. Is there any way to configure it to connect automatically without the user having to do anything?

-Xavier

0 Helpful

Go to solution
Javier Portuguez
Level 9
Level 9
In response to Xavier Lloyd

‎10-02-2012 11:26 AM

Hi Xavier,

No, that combination is required.

Thanks.

Portu

0 Helpful

Go to solution
Xavier Lloyd
Level 1
Level 1
In response to Javier Portuguez

‎10-02-2012 12:50 PM

Thanks. Now that I've configured it and tested fully, I think the automatic login on startup is the feature I actually need. Thanks for your help man

0 Helpful
Customers Also Viewed These Support Documents