cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

1650
Views
0
Helpful
1
Replies

Cisco ASAv Anyconnect SSO (SAML) with Azure

Hello,

 

I have configured Anyconnect on ASAv and configured SAML authentication with Azure.

 

When I test the SSO using web I am redirected back to the same asa logon page.

 

With Anyconnect client its says "Authentication failed due to problem retrieving the single sign-on cookie".

!

Cisco Adaptive Security Appliance Software Version 9.12(3)12
SSP Operating System Version 2.6(1.198)
Device Manager Version 7.12(2)14

!

webvpn
enable Outside
hsts
 enable
 max-age 31536000
  include-sub-domains
  no preload
anyconnect image disk0:/anyconnect-win-4.8.03043-webdeploy-k9.pkg 1
anyconnect enable
saml idp https://sts.windows.net/XXXXXXXXXXXXXXXX/
  url sign-in https://login.microsoftonline.com/XXXXXXXXXXXXXXXX/saml2
  url sign-out https://login.microsoftonline.com/common/wsfederation?wa=wsignout1.0
  base-url https://anyconnect.mydomain.com
  trustpoint idp AzureAD-AC-SAML
  trustpoint sp ASDM_TrustPoint1
  no signature
  no force re-authentication
 tunnel-group-list enable
 cache
  disable
 error-recovery disable

!

tunnel-group AnyConnect type remote-access
tunnel-group AnyConnect general-attributes
 address-pool AnyConnect-Pool
 default-group-policy GroupPolicy_AnyConnect
tunnel-group AnyConnect webvpn-attributes
 authentication saml
 group-alias AnyConnect enable
 saml identity-provider https://sts.windows.net/XXXXXXXXXXXXXXXXXXX/

!

: end

 

Kindly suggest.

1 ACCEPTED SOLUTION

Accepted Solutions

Hi Everyone,

 

I went little ahead and tried multiple codes and failed couple of time.

 

At last when I tried 9.8(2), it worked like charm. I really do not know what was the problem with other higher code versions.

 

Thanks

Mohammed

 

 

View solution in original post

1 REPLY 1

Hi Everyone,

 

I went little ahead and tried multiple codes and failed couple of time.

 

At last when I tried 9.8(2), it worked like charm. I really do not know what was the problem with other higher code versions.

 

Thanks

Mohammed

 

 

View solution in original post