I have a VPN tunnel where users connect and authenticate with an AD account. It works fine witrhout MFA. We now want to enable MFA.
I followed the instructions from the Microsoft site (Tutorial: Microsoft Entra single sign-on (SSO) integration with Cisco AnyConnect - Microsoft Entra | Microsoft Learn) and get this error “Unable to update the session management database.”
On the ASA I ran "debug webvpn saml 255" and it reports success for authentication. "SAML AUTH: authentication success".
I have done many seraches and cannot find anyting related to this. I would appreciate any help.
Cisco Adaptive Security Appliance Software Version 9.16(4)
SSP Operating System Version 2.10(1.217)
Device Manager Version 7.20(1)
The AnyConnect client version is 4.10.05111.