Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1555
Views
0
Helpful
1
Replies

CSCvw59876 - ASA "Potential CSRF attack detected." when SAML assertion validation fails - 1

BlackLynx
Level 1
Level 1

‎07-15-2021 09:38 AM

I'm receiving this same issue. I've tried upgrading to 9.16, as well as downgrading to the latest stable release of 9.14. I've regenerated the AzureAD certificate. I've verified all configuration steps with both the Cisco documentation and the Microsoft documentation. This was working with no issues, then just randomly started having this issue. It then went away and functioned normally for about 3 days and now is back to the false CSRF errors.

3 people had this problem
Labels:
0 Helpful
1 Reply 1

JohnKimble
Level 1
Level 1

‎07-06-2023 01:14 AM

Hi
I know this is an old post, but for anyone who still have this issue, here is what I did. After confirming all my URLs were correct, I resolved the issue by removing the default value of 300ms in Request Timeout, under Single Sign-On server profile. Removing the 300ms, sets Timeout to "Use the timeout set by the Provider". Everything works great now. You can read more about it under "SAML Timeout section" here https://www.cisco.com/c/en/us/td/docs/security/asa/asa916/asdm716/vpn/asdm-716-vpn-config/webvpn-configure-users.html
Hope this helps

0 Helpful
Customers Also Viewed These Support Documents