Cisco VPN and Azure AD

Antonio Petrelli antonio.petrelli at
Tue Sep 7 01:12:33 PDT 2021

Il giorno mar 7 set 2021 alle ore 09:46 Watts, Brian
<b.watts at> ha scritto:
> Our Cisco VPN has changed to using Azure MFA.
> Opening a connection with Openconnect asks for username and password
> but then just returns to the same prompt.
> I do not get any notifications in the Authenticator app.
> Am I missing some simple piece of configuration?

Hello, in fact I have a similar situation, but with F5. If I am
correct, OpenConnect does not support Azure MFA, so the only way to
connect is using the cookie that you have after the login.
According to here:
you have a "webvpn" cookie in the HTTP exchange. Get it and try to put
it in the command line:
openconnect <the rest of the command line>  --cookie="webvpn=<your
webvpn cookie>"
Do not use username and password.
I don't know if it works, but you should try it and, if it works, it
is the only way to use OpenConnect to connect to your MFA-protected

I hope I did not say anything silly
Antonio Petrelli

More information about the openconnect-devel mailing list