On 2021-01-31, Predrag Punosevac <punoseva...@gmail.com> wrote: >> On Sun, 2021-01-31 at 21:41 +0300, somebody from mother Russia wrote: >> > Hello, >> > Our employer decided that AnyConnect Secure Mobility Client with >> > multifactor Azure authentication is the only secure option to connect >> > to >> > work. No alternatives, no discussions. >> > There are packages for Windows and Linux only. >> > Did anybody succeed in running vpn clients compatible with all that >> > funny stuff? >> > >> >> Hi, >> >> have you tried your luck with Openconnect? It's in packages. I've had >> luck with that at least on Linux side on my work laptop.
If openconnect doesn't work directly with Azure MFA there's a fair chance someone else has done it, so worth searching around for clues. > I have been using Openconnect for a while and with exception of the 6.8 > release cycle it worked perfectly. At the beggining of the 6.8 release > cycle OpenBSD package was "broken". I am not sure if it was OpenBSD SSL > stack or the server side (Cisco black box) but I just tried again today > and there was no error. openconnect uses gnutls not libressl so I would guess at more likely an issue on the server side.
