Cisco VPN and Azure AD
Antonio Petrelli
antonio.petrelli at gmail.com
Tue Sep 7 01:12:33 PDT 2021
On Tue 7 Sep 2021 at 09:46, Watts, Brian
<b.watts at ucl.ac.uk> wrote:
> Our Cisco VPN has changed to using Azure MFA.
> Opening a connection with Openconnect asks for username and password
> but then just returns to the same prompt.
> I do not get any notifications in the Authenticator app.
> Am I missing some simple piece of configuration?
Hello, in fact I have a similar situation, but with F5. If I am
correct, OpenConnect does not support Azure MFA, so the only way to
connect is using the cookie that you have after the login.
According to here:
http://www.infradead.org/openconnect/anyconnect.html
you have a "webvpn" cookie in the HTTP exchange. Get it and try to put
it in the command line:
openconnect <the rest of the command line> --cookie="webvpn=<your webvpn cookie>"
Do not use username and password.
I don't know if it works, but you should try it and, if it works, it
is the only way to use OpenConnect to connect to your MFA-protected
VPN.
I hope I did not say anything silly.
Antonio Petrelli