Azure SAML and Anyconnect freezing (white screen) after authenticating with MFA

Shafenator
Here to help


Just curious if anyone else is reporting this issue. We have had a ticket open with Meraki for over a month and their development team is currently investigating. This issue occurs on multiple versions of the AnyConnect mobility client and we also tried the Secure Client with the same outcome.

 

We have about 2 dozen users reporting this issue and it happens to me as well. I can usually recreate the issue if I log off and sign in consecutively a few times.

 

When a user logs in to AnyConnect they are presented with the Azure sign-in. The user inputs their username and password and is prompted for MFA. After acknowledging MFA, the screen changes to white and basically freezes until the AnyConnect client times out.

 

I have a workaround: when you refresh the white screen using F5 and "reconfirm resubmission", it then logs in with no issues.

 

When I look at the Azure sign-in logs I can see the MFA response and everything appears to be healthy, but for some reason AnyConnect is not getting the reply back from Azure until you refresh the page.

alemabrahao
Kind of a big deal

Any firewalls that could be blocking the Azure/Microsoft addresses?

I am not a Cisco Meraki employee. My suggestions are based on documentation of Meraki best practices and day-to-day experience.

Please, if this post was useful, leave your kudos and mark it as solved.
Shafenator
Here to help

We have MX firewalls but nothing being blocked as far as we can see. 

PhilipDAth
Kind of a big deal

A bug fix for this issue has just come out today.  Time to upgrade your MX.

Shafenator
Here to help

Sorry to revive something so old but do you have a link to this? We have upgraded our MX several times since this started happening.

Shafenator
Here to help

Wild to me that this is still happening after upgrading to Windows 11 and multiple MX upgrades and Secure Client Upgrades. Support was stumped a while back, so I just gave up since I have a workaround. Most of the users gave up bothering me too since a lot of them rarely use VPN anymore with everything being cloud driven. 

Is anyone still having this happen to them, or has anyone come across a confirmed fix or bulletin?

Currently on Secure Client 5.1.7.80
Our MX is an Azure Virtual MX version 18.211.2


CMTech1
Getting noticed

Same here.

 

We've been experiencing this ongoing issue with AnyConnect, currently on version 5.1.7.80, though the problem has persisted through multiple previous versions over the past year. The issue arises after users get to the prompt asking whether to stay signed in (Yes or No). Selecting either option sometimes results in a white or ghosted screen, effectively freezing the process, and we have to X out and start again.

 

I contacted Meraki support about this issue last fall. At the time we were running an earlier version of MX firmware and an earlier version of AnyConnect, but the problem has persisted even after upgrading both, even to this day. We are currently on v5.1.7.80, with the MXs now at v18.211.5.2, and it still happened to me again this morning. Meraki support concluded that the root cause lies with Azure MFA and not with AnyConnect. Makes me wonder: is it Azure MFA? Is anyone else having the issue who's not using Azure MFA?

 

 

Shafenator
Here to help

Frustrating... As a workaround, if your end users get the frozen screen, just have them press F5 and it will refresh the page and log in.

CMTech1
Getting noticed

F5 is the band-aid we're using now as well. Meraki seemed to indicate it's an Azure issue, at least in our case since we're using Azure MFA.

JasperVB
New here

One of my colleagues had the same problem at home. Turned out to be IPv6, so we disabled it in the (wireless) network adapter. I guess you can also disable it completely in the router at the client side, for instance at home.

Di_Vino
Conversationalist

Don't forget to allow TCP/443 AND UDP/443 on your Azure FW, outside to inside. That's why you have this issue.

 

br,
