Cisco AnyConnect Client Re-authentication. Possible?

Hi there.

Does anybody know if it's possible to force a user to re-authenticate say, every 30 minutes or so when connected via AnyConnect?
Alternatively, if it's not at all possible, would I be able to set up some sort of prompt, informing a user that his/her session is about to expire?

I've seen the "svc rekey" option but as far as I can tell, this is transparent to the end-user and doesn't actually require that they resend their authentication details. Is this correct?
Who is Participating?
John MeggersConnect With a Mentor Network ArchitectCommented:
I don't think the ASA has this capability natively.  The only way I've seen something similar done was some kind of external NAC product that would require re-authentication.  Not much help, I know....
ddsteamAuthor Commented:
Thanks j.

Honestly, even a response to the negative is helpful at this point. I just need to know if it's possible or not so I can give a final verdict to my superiors.
John MeggersNetwork ArchitectCommented:
I'm curious about the logic behind this requirement.  I can understand re-NACing a host to ensure the user didn't do something like turn off AV, but I'm struggling to understand why you would have them re-authenticate to the VPN even if there's active traffic.  You can time-out the VPN for lack of use -- is that the concern?
ddsteamAuthor Commented:
Thanks jmeggers.
Points assigned accordingly.

And to answer your question, the client wants to be sure that if a user authenticates to the VPN and is then hit over the head by an overeager but otherwise useless hacker, they won't have too much time to do any work before having to re-authenticate. :P
This question has been classified as abandoned and is closed as part of the Cleanup Program. See the recommendation for more details.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.