Hi,
I have and an environment with Microsoft Entra ID, providing SAML/SSO for administration access to ISE. Internally this works, and administrators are able to login using their Entra Creds.
I also have Zscaler, and use the Client Portal to provide web based access to a variety of things for 3rd partys/contractors. The Zscaler Client portal, only listens on port 443, and 80. It can redirect traffic to to other ports internally. However to do so, i'd need to be able to change the URL of the SSO binding.
my ise server's host name is akl-01.radius.XXX.cloud and it reponds on 443 as expected. The configuration provides this location for the SAML assertion. You can see the base URL is the same. and that is where i get unstuck.
<md:AssertionConsumerService Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" Location="https://akl-01.radius.XXXXX.cloud:8443/portal/SSOLoginResponse.action" index="0"/>
Is it possible for me to set up a different Host name for the assertion? something like akl-01.saml4radius.XXXX.cloud ?
If i coudl do this, it would allow me to do some redirections..