12-13-2016 01:43 PM
I am trying get my guest sponsor portal in ISE to use SSO with CA Siteminder (aka CA Single Sign-On). I know that CA Siteminder isn't on the official list of the six SSO products that have been tested to work with ISE, but it is SAML v2 compliant and in theory should work.
We are having some issues getting the integration to work, likely due to some issues with the attribute information being passed back and forth. So far no luck though.
We are running ISE 2.1 with the most recent patches.
Solved! Go to Solution.
12-13-2016 02:03 PM
I would suggest to open a TAC case as we would need the debug logs from your deployment and see how the IdP is configured in ISE.
If you have multiple PSNs, please simplify the initial testing and debugging to one of them.
ISE Admin web UI > Administration > System > Logging > Debug Log Configuration, select the PSN in testing, and change the logging level for the following:
guestaccess DEBUG
portal-web-action DEBUG
saml TRACE
Re-run the scenario and note the time of the run. Then, download ise-psc.log and guest.log.
12-13-2016 02:03 PM
I would suggest to open a TAC case as we would need the debug logs from your deployment and see how the IdP is configured in ISE.
If you have multiple PSNs, please simplify the initial testing and debugging to one of them.
ISE Admin web UI > Administration > System > Logging > Debug Log Configuration, select the PSN in testing, and change the logging level for the following:
guestaccess DEBUG
portal-web-action DEBUG
saml TRACE
Re-run the scenario and note the time of the run. Then, download ise-psc.log and guest.log.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide