Anyconnect Windows profile settings mandate a single local user

2024-11-22

I know this thread is old but I found it relevant to my question and hopefully Marvin or someone else can elaborate Windows Logon Enforcement behavior.

I find Cisco’s explanations confusing. At first glance, “Single Local Logon” appears more restrictive compared to “Single Logon” because it is the default setting and because it mentions a local user only – both in contrast to “Single Logon”. Yet, reading through the “Single Logon” characteristics, I get the feeling that more restrictions apply there.

I was unsure what the author meant by “local user”. Marvin’s interpretation is clearer to me, but in my test I could establish a Remote Access VPN regardless of whether I was logged on to RDP via a local account or via domain authentication.

So I also checked whether there was any difference if I connect to the Windows machine via RDP or via a VMWare console (however, I realize the latter does not fulfill the purpose of a VPN session established from an RDP session). Again, no difference.

I hope someone can rephrase the feature description, especially by exposing the difference between its two settings. Thank you.

******************************************************************************************************************************************************************

Source: AnyConnect Profile Editor, Preferences (Part 1)

Windows Logon Enforcement—Allows a VPN session to be established from a Remote Desktop Protocol (RDP) session. Split tunneling must be configured in the group policy. AnyConnect disconnects the VPN connection when the user who established the VPN connection logs off. If the connection is established by a remote user, and that remote user logs off, the VPN connection terminates.

  • Single Local Logon (default)—Allows only one local user to be logged on during the entire VPN connection. Also, a local user can establish a VPN connection while one or more remote users are logged on to the client PC. This setting has no effect on remote user logons from the enterprise network over the VPN connection.
  • Single Logon—Allows only one user to be logged on during the entire VPN connection. If more than one user is logged on, either locally or remotely, when the VPN connection is being established, the connection is not allowed. If a second user logs on, either locally or remotely, during the VPN connection, the VPN connection terminates. No additional logons are allowed during the VPN connection, so a remote logon over the VPN connection is not possible.
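To expose the difference between the two settings, here is an added illustration (not Cisco code or documentation) that models the decision rules from the two bullets above as a small policy: which logons block establishment, which later logons terminate the tunnel, and the logoff of the establishing user. The profile value names SingleLocalLogon/SingleLogon, the Logon/VpnSession model and the user names are assumptions made for this example.

```python
from dataclasses import dataclass, field
from enum import Enum


class Enforcement(Enum):
    # Value names are assumed to match the AnyConnect profile setting names.
    SINGLE_LOCAL_LOGON = "SingleLocalLogon"
    SINGLE_LOGON = "SingleLogon"


@dataclass
class Logon:
    user: str
    remote: bool  # True for an RDP/remote session, False for a console logon


@dataclass
class VpnSession:
    mode: Enforcement
    owner: str  # user who established the tunnel
    logons: list = field(default_factory=list)


def may_establish(mode: Enforcement, logons: list) -> bool:
    """Decide whether a VPN connection may be established given current logons."""
    local = [l for l in logons if not l.remote]
    if mode is Enforcement.SINGLE_LOCAL_LOGON:
        # Only local logons are counted; remote users may already be present.
        return len(local) <= 1
    # SINGLE_LOGON: a second user, local or remote, blocks establishment.
    return len(logons) <= 1


def keeps_running(session: VpnSession, event: str, logon: Logon) -> bool:
    """Apply a 'logon' or 'logoff' event and return whether the VPN survives."""
    if event == "logoff":
        session.logons = [l for l in session.logons if l.user != logon.user]
        # The tunnel always drops when the user who established it logs off.
        return logon.user != session.owner
    session.logons.append(logon)
    if session.mode is Enforcement.SINGLE_LOCAL_LOGON:
        # A second local user terminates; remote logons are not restricted.
        return logon.remote or sum(not l.remote for l in session.logons) <= 1
    # SINGLE_LOGON: no additional logon of any kind is allowed.
    return len(session.logons) <= 1


if __name__ == "__main__":
    # Constructed scenario: alice on the console, bob connects over RDP later.
    s = VpnSession(Enforcement.SINGLE_LOCAL_LOGON, "alice", [Logon("alice", False)])
    print("SingleLocalLogon survives RDP logon:", keeps_running(s, "logon", Logon("bob", True)))
    s = VpnSession(Enforcement.SINGLE_LOGON, "alice", [Logon("alice", False)])
    print("SingleLogon survives RDP logon:", keeps_running(s, "logon", Logon("bob", True)))
```

In short: under Single Local Logon only local users are counted and remote logons never affect the tunnel; under Single Logon every logon counts, so the tunnel is limited to exactly one user of any kind.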