Could someone share the sample configuration template for integration of SAML 2.0 with ASA FW,
and what certificates are required and how to install them?
We're using authentication via LDAP as of now and looking forward to integrating with P'fed'te.
Would like to know whether to select SP-initiated or IdP-initiated SSO?
We're using AnyConnect VPN at the moment.
The mode depends on the traffic flow you want; in the end you can have one or both: if the user authenticates against the IdP, you configure IdP on the ASA; if the user authenticates against the ASA, you configure SP on the ASA. In both cases, you need to import the certificate chain of the IdP on the ASA. If you do it from ASDM, it's pretty intuitive; if you do it from CLI, here's the guideline:
Here's your configuration via ASDM:
As for where to import the certificate, it doesn't matter, just configure a regular trustpoint.
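
The trustpoint import and SAML IdP reference discussed in this thread, as an added ASA CLI example that is not part of the original posts and not taken from a vendor guide. The trustpoint names, tunnel-group name, entity ID and all URLs are placeholders, and it assumes an ASA release with SAML 2.0 support and an existing identity trustpoint for the ASA itself.

```text
! --- Added example: every name and URL below is a placeholder ---

! 1. Regular trustpoint holding the IdP's signing certificate.
!    "no ca-check" lets a non-CA (leaf) signing certificate be imported.
crypto ca trustpoint IDP-SIGNING-TP
 enrollment terminal
 no ca-check
!
! Paste the IdP certificate in PEM (base64) form when prompted,
! end with the word "quit" on a line by itself, then confirm.
crypto ca authenticate IDP-SIGNING-TP

! 2. SAML IdP definition under webvpn.
!    The name after "saml idp" must match the IdP's entity ID exactly.
webvpn
 saml idp https://idp.example.com/entity-id
  url sign-in https://idp.example.com/sso/login
  url sign-out https://idp.example.com/sso/logout
  ! Base URL of the ASA as users reach it; used to build the SP metadata
  base-url https://vpn.example.com
  ! Certificate used to validate assertions signed by the IdP
  trustpoint idp IDP-SIGNING-TP
  ! ASA identity certificate used to sign requests sent to the IdP
  trustpoint sp ASA-IDENTITY-TP
  ! Sign the SAML requests the ASA sends
  signature

! 3. Switch the AnyConnect connection profile from LDAP (AAA) to SAML.
tunnel-group SAML-VPN webvpn-attributes
 authentication saml
 saml identity-provider https://idp.example.com/entity-id

! 4. Checks after applying:
!    confirm the imported certificate, its validity dates and fingerprint
show crypto ca certificates IDP-SIGNING-TP
!    SP metadata to hand to the IdP administrator
show saml metadata SAML-VPN
```

Compare the fingerprint shown for the imported certificate against the one published by the IdP administrator before switching the tunnel group to SAML, since that trustpoint is what the ASA uses to decide whether an assertion is genuine.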