AnyConnect Auto Connect After Login Without Password (Meraki MX)

Solved
jOMeraki2
Getting noticed

Hi,

I’m using Cisco AnyConnect with a Meraki MX.

Is there a way to make the VPN connect automatically after the user logs in, without asking for username and password every time?

Maybe using SSO?

Thanks!

1 Accepted Solution
alemabrahao
Kind of a big deal

Only using certificate-based authentication.

Sentry AnyConnect VPN is a special Cisco Meraki integration between MX and Systems Manager (SM) enrolled devices. This allows secure and automatic certificate-based Always-On AnyConnect VPN for SM managed devices. SM managed devices will be sent all the necessary configurations, certificates, and app settings for an Always-On VPN tunnel back to the MX. For SM enrolled devices, the end users are not interrupted with any authentication/setup steps and the VPN tunnel will open automatically.

https://documentation.meraki.com/SASE_and_SD-WAN/MX/Design_and_Configure/Configuration_Guides/Client....

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.

2 Replies
GIdenJoe
Kind of a big deal

This document has not been updated in a while (https://documentation.meraki.com/SASE_and_SD-WAN/MX/Design_and_Configure/Configuration_Guides/Client...). However, it says there that cert-only authentication is a beta feature.

You can always configure always-on in the Secure Client VPN profile editor; however, to avoid any login prompts you would indeed need to be able to use certificates only to avoid the login prompt. However, this does present security issues because you are not using MFA at that point.

Inside the profile editor you can configure a DNS check that will see if you are on the local network of the company or not (trusted network). If not, it will automatically create the VPN.
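
The DNS-based trusted network check described in the reply above is stored in the client profile XML, so it can be audited before the profile is deployed. The following is an added example, not part of the thread or of Cisco's tooling: it assumes the profile uses the `AutomaticVPNPolicy` element names written by the profile editor, and the sample domain and DNS server are constructed placeholders.

```python
import xml.etree.ElementTree as ET

# Constructed sample profile; the domain and DNS server are placeholders.
SAMPLE_PROFILE = """<AnyConnectProfile xmlns="http://schemas.xmlsoap.org/encoding/">
  <ClientInitialization>
    <AutomaticVPNPolicy>true
      <TrustedDNSDomains>corp.example.com</TrustedDNSDomains>
      <TrustedDNSServers>10.0.0.53</TrustedDNSServers>
      <TrustedNetworkPolicy>Disconnect</TrustedNetworkPolicy>
      <UntrustedNetworkPolicy>Connect</UntrustedNetworkPolicy>
      <AlwaysOn>false</AlwaysOn>
    </AutomaticVPNPolicy>
  </ClientInitialization>
</AnyConnectProfile>"""


def _local(tag):
    """Drop the namespace so lookups work whatever xmlns the profile declares."""
    return tag.rsplit("}", 1)[-1]


def _csv(value):
    """Split a comma-separated profile value into a clean list."""
    return [v.strip() for v in value.split(",") if v.strip()]


def audit_profile(xml_text):
    """Return the auto-connect settings of a profile and a list of findings."""
    root = ET.fromstring(xml_text)
    policy = next((e for e in root.iter() if _local(e.tag) == "AutomaticVPNPolicy"), None)
    if policy is None:
        return {"tnd_enabled": False, "findings": ["no AutomaticVPNPolicy element"]}
    child = {_local(c.tag): (c.text or "").strip() for c in policy}
    report = {
        "tnd_enabled": (policy.text or "").strip().lower() == "true",
        "always_on": child.get("AlwaysOn", "").lower() == "true",
        "dns_domains": _csv(child.get("TrustedDNSDomains", "")),
        "dns_servers": _csv(child.get("TrustedDNSServers", "")),
        "untrusted_policy": child.get("UntrustedNetworkPolicy"),
        "findings": [],
    }
    if not report["tnd_enabled"]:
        report["findings"].append("trusted network detection is off")
    elif not (report["dns_domains"] or report["dns_servers"]):
        report["findings"].append("no DNS criteria for the trusted-network check")
    if report["untrusted_policy"] != "Connect":
        report["findings"].append("VPN is not started automatically on untrusted networks")
    return report
```

An empty `findings` list means the profile both detects the company network by DNS and starts the tunnel everywhere else; the `always_on` field is reported separately because it is a distinct setting in the same policy block.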
