Cisco AnyConnect what happens if you forget your phone

rseals1 · ‎01-08-2018

OK, I have Duo working with Cisco AnyConnect client (not the SSL website). The question is, what happens if a user forgets their phone? I don’t understand how they would be able to authenticate with the Cisco AnyConnect client without the Duo Mobile app.

DuoKristina · ‎01-08-2018

A single Duo user can have multiple authentication devices. You’d want to make sure that your users have a backup device attached that they can use if they forget their (primary) phones.

These backup devices could be:

A second phone (mobile or landline)
A hardware OTP token
A temporary bypass code

In the AnyConnect interface, you’d specify the alternate device by name or enter the passcode in the secondary auth prompt. So a user could enter a six digit code from a hardware token, or specifying calling their second phone with “phone2”, etc. Our AnyConnect user guide has more examples.

Thanks for trying Duo!

Duo, not DUO.

rseals1 · ‎01-08-2018

OK but I’m using the AnyConnect Client and my logon screen look like this (see attached)

After I put my network password in I get a push authentication from Duo and I just hit approve on my cell.

DuoKristina · ‎01-08-2018

Which Cisco deployment instructions did you use?

It seems like you might have used these instructions? If so, you should be able to append your factor choice to your password as documented here.

Duo, not DUO.