Sunday, January 31, 2021

Re: Cisco AnyConnect Secure Mobility Client Alternatives with MFA?

On 2021-01-31, Predrag Punosevac <punosevac72@gmail.com> wrote:
>> On Sun, 2021-01-31 at 21:41 +0300, somebody from mother Russia wrote:
>> > Hello,
>> > Our employer decided that AnyConnect Secure Mobility Client with
>> > multifactor Azure authentication is the only secure option to connect
>> > to
>> > work. No alternatives, no discussions.
>> > There are packages for Windows and Linux only.
>> > Did anybody succeed in running vpn clients compatible with all that
>> > funny stuff?
>> >
>>
>> Hi,
>>
>> have you tried your luck with Openconnect? It's in packages. I've had
>> luck with that at least on Linux side on my work laptop.

If openconnect doesn't work directly with Azure MFA there's a fair chance
someone else has done it, so worth searching around for clues.

> I have been using Openconnect for a while and with exception of the 6.8
> release cycle it worked perfectly. At the beggining of the 6.8 release
> cycle OpenBSD package was "broken". I am not sure if it was OpenBSD SSL
> stack or the server side (Cisco black box) but I just tried again today
> and there was no error.

openconnect uses gnutls not libressl so I would guess at more likely an
issue on the server side.

No comments:

Post a Comment