Users are Redirected to the Cisco ASA VPN Login Window after Completing MFA Prompt
Nov 6, 2025
Integrations
Administration
Okta Classic Engine
Multi-Factor Authentication
Okta Identity Engine
Overview
This article addressed the issue encountered in the following behavior:
- Open the Cisco VPN client.
- Enter username and password.
- Enter the corresponding number to the appropriate second factor.
- Click Continue.
- Complete the MFA challenge.
- The user is redirected to the VPN login form again.
The behavior is inconsistent; for example, the second attempt fails too, but it works on the third attempt.
Applies To
- Cisco ASA VPN RADIUS
- AAA server
Cause
Solution
- Increase the Timeout (seconds) to 60 seconds on the AAA server. (Part 3 - Step 2 - #4)
- Verify that the Accounting Server Group value is None as shown in the doc (Part 4 - Step 7)
