Cisco Anyconnect Switch User

Clients and VMs and VPNs, Oh My! As regular readers of this blog may be aware, I recently hung up my technical evangelist hat, and made the jump back into full-time consulting. Consistent with best practices, I decided that when working with a new client, the best course of action would be to set up Continue reading Cisco AnyConnect and Hyper-V – Connect to a VPN from Inside a VM Session. He means fast user switching in windows, so you can get an account to log into the domain. I'm assuming you're using windows xp. Anyconnect runs like standard vpn, so the answer is yes. The newest generation of remote access VPNs is offered from Cisco AnyConnect SSL VPN client. This is supported by Cisco ASA 8.x. The AnyConnect SSL VPN provides the best features from both of the other VPN technologies (IPSec and Web SSL). With AnyConnect, the remote user has full network connectivity to the central site. How to enable Cisco Anyconnect VPN through Remote Desktop 60.7k views; VMWare ESXi 5.1/5.5 free license key 29.4k views; How to kill, logoff, or disconnect a Cisco ASA remote access VPN session 26.9k views. Method one: Click Startthen click All Programs. Click the Ciscofolder; click the Cisco AnyConnect Secure Mobility Client folder, then rightclick the Cisco AnyConnect Secure Mobility Client icon. This will bring up a list of options. Hover over Send to, then click Desktop (create shortcut).

  1. ASA 8.x VPN Access With The AnyConnect SSL VPN Client Configuration Example
  2. Cached
  3. Cisco Anyconnect Switch User Guide

Cisco AnyConnect does not support fast user switching which means Cisco NAM module only allows a single user to be logged in versus like Microsoft you can login with one user and choose switch user and log in with other username while the first one is still logged in.

This is also useful when the user is not able to login to the laptop using the cached credentials.


The exact error message is ”There are no logon server available to service the logon request””

Below is the article that supports the argument of fast user switching not supported as o 9/24/2015 and is a feature request to be added to the newer Cisco AnyConnect Clients

Below is the error message you would get when logon is denied

There is a workaround by modifying the registry keys in Windows but then it beats the purpose of have DOT1x authentication in the first place – high level on what happens when the registry workaround is place is that when the first user logs in then he is authenticated against ISE and when the second user logs then credentials from the first users are sent to ISE which is not ideal and can only be used as a workaround in other words, a separate dot1x process is not going to happen when the second user logs in at the windows lock screen. The second user will use the access provided based on the first user authentication

ASA 8.x VPN Access With The AnyConnect SSL VPN Client Configuration Example

Below is the registry key for the fix


HKEY_LOCAL_MACHINESOFTWAREMicrosoftWindowsCurrentVersionAuthenticationCredential Providers{B12744B8-5BB7-463a-B85E-BB7627E73002}REG_DWORD EnforceSingleLogon needs to be set to 0

Cisco Anyconnect Switch User Guide

Thanks for reading this and I hope it has helped.