ciscoasa-saml-cfg-asdm

secureIT
Enthusiast

Hi All,

 

Could someone share a sample configuration template for integrating SAML 2.0 with the ASA FW, and which certificates are required and how to install them?

We're using authentication via LDAP as of now and are looking to integrate with P'fed'te.

We would like to know whether to select SP-initiated or IdP-initiated SSO.

We're using AnyConnect VPN at the moment.

 

regards

SecIT

6 Replies

Cristian Matei
Collaborator

Hi,

 

   The mode depends on the traffic flow you want; in the end you can have one or both: if the user authenticates against the IdP, you configure IdP on the ASA; if the user authenticates against the ASA, you configure SP on the ASA. In both cases, you need to import the certificate chain of the IdP on the ASA. If you do it from ASDM, it's pretty intuitive; if you do it from the CLI, here's the guideline:

https://www.cisco.com/c/en/us/td/docs/security/asa/asa97/configuration/vpn/asa-97-vpn-config/webvpn-configure-users.html

 

Regards,

Cristian Matei.
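
An added example, not part of the original replies and not Cisco's own sample, showing the pieces the reply above names as ASA CLI: a trustpoint holding the IdP certificate, the SAML IdP definition under `webvpn`, and the connection profile that uses it. The hostnames, entity ID, URLs, trustpoint names (`IDP-TP`, `ASA-ID-TP`) and tunnel-group name (`SAML-VPN`) are placeholders, and `ASA-ID-TP` is assumed to be an existing trustpoint with the ASA's own identity certificate.

```text
! Added example: all names, hostnames and URLs below are placeholders.
!
! 1. Trustpoint for the IdP's signing certificate.
!    "crypto ca authenticate" prompts for the PEM text exported from the IdP.
crypto ca trustpoint IDP-TP
 enrollment terminal
crypto ca authenticate IDP-TP
!
! 2. SAML IdP definition. The value after "saml idp" is the IdP's entity ID
!    and must match what the IdP publishes in its metadata.
webvpn
 saml idp https://idp.example.com/entity
  url sign-in https://idp.example.com/sso/login
  url sign-out https://idp.example.com/sso/logout
  ! base-url is the ASA's own public URL, used to build the SP endpoints
  base-url https://vpn.example.com
  ! certificate used to validate assertions signed by the IdP
  trustpoint idp IDP-TP
  ! ASA identity certificate used to sign requests sent to the IdP
  trustpoint sp ASA-ID-TP
  ! sign authentication requests rather than sending them unsigned
  signature
!
! 3. Connection profile that authenticates AnyConnect users through the IdP.
tunnel-group SAML-VPN type remote-access
tunnel-group SAML-VPN webvpn-attributes
 authentication saml
 saml identity-provider https://idp.example.com/entity
```

After changing anything under `saml idp`, remove and re-add the `saml identity-provider` line in the tunnel group so the connection profile picks up the new settings.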

Thanks a lot, Cristian.
Would you please give me the ASDM procedure?
The user shall be authenticated against the IdP.

Should the IdP certificate be imported under Device Mgmt > CA certificate?

or

Configuration -> Remote Access VPN -> Certificate Management -> Identity certificates?

Hi,

    

   Here's your configuration via ASDM:

 

https://www.cisco.com/c/en/us/td/docs/security/asa/asa98/asdm78/vpn/asdm-78-vpn-config/webvpn-configure-users.html

 

As for where to import the certificate, it doesn't matter, just configure a regular trustpoint.

 

Regards,

Cristian Matei.

Thank you Cristian, I shall test and get back to you.

Could someone please advise..

Hi,

 

  @secureIT I replied to you in private and above as well, to your question.

 

Regards,

Cristian Matei.
