Cisco AnyConnect Auto Login

BaronCSE
Here to help

Cisco AnyConnect Auto Login

Hi Everyone,

 

We just deployed AnyConnect Beta with RADIUS authentication. As of now everything is smooth from admin side but we also want the users to have seamless experience when using Anyconnect.

 

Our problem boils down to "Auto Login" when users start to use Anyconnect they should not be asked log-in credentials time to time. 

 

Does anyone have a solution for this or other techniques we can explore?

 

Note: I've already check the CA based auth, but it seems Meraki doesn't support one time log-in.

12 Replies 12
PhilipDAth
Kind of a big deal
Kind of a big deal

Configure RADIUS to use certificate-based login.

BaronCSE
Here to help

Hey Philip,

 

I checked that one out, it will still require log-in credentials even they have CA.

Inderdeep
Kind of a big deal
Kind of a big deal

@BaronCSE : You can check all details in below link 

https://documentation.meraki.com/MX/AnyConnect_on_the_MX_Appliance/Authentication

 

Regards/Inder
Cisco IT Blogs awarded in 2020 & 2021
www.thenetworkdna.com
BaronCSE
Here to help

Hi Inderdeep,

 

I already check the docs. They don't support the Auto Log-in.

molan
Here to help

@BaronCSE did you ever find a solution to saving the user credentials for auto logon so users are not constantly prompted?

CptnCrnch
Kind of a big deal
Kind of a big deal

There is no solution, at least not using user credentials. If you really want auto logon, just go the certificate based authentication route.

molan
Here to help

I am fine with certs if that is the answer, but it appears enabling certs in the Meraki doesn't remove the need for the users to enter credentials

 

2022_03_15_14_00_36_Client_VPN_Configuration_Meraki_Dashboard_Brave.png

molan
Here to help

https://documentation.meraki.com/MX/AnyConnect_on_the_MX_Appliance/Authentication#Certificate-based_...

 

 2022-03-15 14_05_39-AnyConnect Authentication Methods - Cisco Meraki - Brave.png

 

Please note that AnyConnect on the MX does not support certificate-only authentication at this time. Authenticating users must input credentials once certificate authentication succeeds. If certificate authentication fails, the AnyConnect client will report certificate validation failure.  

  

 

is this incorrect?  because it looks like certificates don't solve the issue

BaronCSE
Here to help

No solutions yet. Even with cert auth they still need to input their creds.

rehnquist
New here

This is a problem, I'm working on a new vMX deployment for client VPN and we need this. Is there still no workaround?

PhilipDAth
Kind of a big deal
Kind of a big deal

There is no work around.

BaronCSE
Here to help

I found an interesting way. Use SAML, you will need to call Meraki support to enable SAML on the dashboard.

Get notified when there are additional replies to this discussion.
Welcome to the Meraki Community!
To start contributing, simply sign in with your Cisco account. If you don't yet have a Cisco account, you can sign up.
Labels