AnyConnect (Windows) Client - where to start?
I'm feeling dumb. I have literally hundreds of entries in my RDM (free version, 24.03.26.0 on windows 10). All work great, except I never got AnyConnect to work so decided to try again. I have AnyConnect 4.10.08029 and use it with a dozen or so sites about half with 2FA (Duo) and some without.
Decided to start with one without and I am kind of lost. It invokes a CLI version of anyconnect (apparently). It appropriately does a "connect anyway" (this client has no cert).
Then it prompts for the group name, and puts the username there, and obviously nothing works from there on. If I manually intervene quickly enough, I can re-enter my credentials and it connects.
I've been staring at screens without success -- there's probably a "group" prompt I just do not see?
Is there a general user manual for this addon that includes these details? All I've seen is a few knowledgebase posts on specific subjects, and a lot of forum posts.
On another we use Duo 2FA. I get nowhere with that -- the CLI runs, and closes before I can see what it says (is there a way to make it stop, or capture it to a log)? Will AnyConnect with Duo SSO work?
I realize I am probably not giving anyone enough information but not sure what you might need (or as above how to capture it). What I'm hoping for is a "did you follow these instructions" and a pointer? Because I didn't find them and so didn't follow them.
Linwood
All Comments (6)
Almost as soon as I posted the above I found "group number"... wasn't looking for a number, but I can work with that. And it does work.
But... Duo? The window closes before I can read it?
Duo: the error (I did a video) is "The requested Authentication type is n ot supported in Anyconnect CLI".
And the Gui is supported or not? I see it mentioned in some forum posts?
Hello,
Thank you for reaching out to us regarding this,
Could you please specify the version of RDM you are currently using?
What type of data source are you using?
I will also send you a private message so that you provide me the recording you made.
Best regards,
Samuel Dery
I put the RDM version in the first posting. I don't understand "data source", but if you mean where the setups are stored it's local, it says version V1.149 and "connections.db". I'm connected (outside of RDM) to a customer and will be working for a couple hours, but will try to get a more readable recording then to send., however there's nothing useful in there other than the noted error above.
Hello,
Thank you for your reply and for the recording,
I see, RDM is simply using the provided information in the entry Properties and using the command line interface to start this VPN I'm afraid we do not have a way to perform this using the GUI.
The error message seems to coming directly from Cisco AnyConnect, I've tried looking into it in their documentation to confirm if this should work or not but was unable to find anything conclusive, my recommendation would be to reach out to them and confirm if that is something that should work using the CLI.
The only thing Ive found is a feature request from a User about SAML Auth
Best regards,
Samuel Dery
Yea, that bug/feature request seems entirely on point. I added myself to monitor it. Thank you for digging in; my guess is this may start happening more and more as people are pushed to doing 2FA at clients, etc.
Thanks again for a great product.