cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
3474
Views
0
Helpful
1
Replies

Anyconnect using LDAP and cached authentication credentials

Terry Pattinson
Level 1
Level 1


Is there any way to cache Windows login credentials and use them to authenticate an Anyconnect VPN to an ASA with LDAP-based AAA authentication configured?

Thanks,

Terry

PS - already asked but not answered back in June 2012:

https://supportforums.cisco.com/thread/2155853

1 Reply 1

Jatin Katyal
Cisco Employee
Cisco Employee

I was going through the knowledge base and documentation. I guess An Enhancement request was opened for that matter : CSCsh20863 AnyConnect client should provide option to save username and password. Which seems that it will be not implemented because of the security implications involved with introducing such feature , so there is no way to do this.

There is other enhancement. CSCsx76993    ENH: Make Anyconnect configurable to not cache credentials

Read this from the enhancement request: Anyconnect stores username  credentials within the preferences.xml file on machines.  So when client  is relaunched, the username is populated which could be a security  risk. So, it talks about only username. Since It  already save the username so lots of other customers don't want this to happen.

We could think of SSO.Unfortunately Single Sign On only works for Clientless SSL VPN, not AnyConnect SSL VPN.

~BR
Jatin Katyal

**Do rate helpful posts**

~Jatin
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: