AnyConnect username field

Unanswered Question
Feb 9th, 2009

I was wondering if there is a setting on the ASA that will prevent the AnyConnect client from saving and displaying the username that was last used to create a VPN connection. I was originally going to force the end user to re-install the AnyConnect client for each connection, but this makes the connection time that much longer...

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
DJCanuck1_2 Thu, 02/19/2009 - 07:50

I'm not sure how your comment applies to my question. We do not use local authentication. These particular connections are authenticated through Cisco ACS. I'm trying to find the mechanism that saves the password in the username field of the AnyConnect Client on the remote host.

Ivan Martinon Thu, 02/19/2009 - 08:17

I am not sure if there is such thing as to enable the AnyConnect to avoid displaying the username, there is a save password option on the group-policy you can try to disable that and see if it makes a difference but I don't think it will help, a more drastic solution will be to have AnyConnect client removed everytime the user logs out.

ansalaza Thu, 02/19/2009 - 08:31

From your description sounds more like a cached credential on the PC, than the ASA keeping the user information in your browser.

Attachment Keywords

1) IE AutoComplete.bmp - IE Auto Complete Forms

Are you downloading a User Profile?

An AnyConnect client profile is a group of configuration parameters, stored in an XML file, that the client uses to configure the connection entries that appear in the client user interface. The client parameters (XML tags) include the names and addresses of host computers and settings to enable additional client features.

http://www.cisco.com/en/US/docs/security/vpn_client/anyconnect/anyconnect20/administrative/guide/admin7.html#wp999702

DJCanuck1_2 Thu, 02/19/2009 - 08:45

You have tweaked my memory and I previously did find the username in the .XML file that downloads to the host machine under the current user profile. We don't use a "User Profile" per say, but the ASA probably uses the default Connection Profile for this. Maybe I can create a User Profile that will not cache the username...thanks for the info!

Actions

This Discussion