Firepower Anyconnect SAML Authentication

romarroca
Level 1

Hi guys!

I need some clarifications with the migration I am working on. There is an OLD ASA with AnyConnect configuration that uses SAML for authentication:

 

saml idp <<snip>>
 url sign-in <<snip>>
 url sign-out <<snip>>
 base-url <<snip>>
 trustpoint idp DUO_CA_CERT
 trustpoint sp DUO_CA_CERT
 no signature
 no force re-authentication

 

 

Now we are migrating this configuration to a new Firepower. Can we just use the same information above and just re-upload the CA-CERT, or do we have to create a new "Protect" instance in the DUO portal that will generate a new IDP and CA cert?

 

Regards,

Romar

1 Reply

Marvin Rhoads
Hall of Fame

If the VPN tunnel-group isn't changing you should be able to continue to use the same application instance in the Duo portal with its associated certificates and metadata.

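A pre-cutover check that follows from the reply above, added here as an example and not part of either post: it compares the SAML service-provider metadata of the old ASA and the new Firepower device and reports which values the existing Duo application would no longer match. It assumes the entity ID and ACS URL layout Cisco documents for ASA remote-access SAML (`<base-url>/saml/sp/metadata/<tunnel-group>` and `<base-url>/+CSCOE+/saml/sp/acs?tgname=<tunnel-group>`); the hostname, tunnel-group names and metadata documents are constructed.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit

MD = "urn:oasis:names:tc:SAML:2.0:metadata"
NS = {"md": MD}

def sample_metadata(base_url, tunnel_group):
    """Constructed SP metadata using the assumed Cisco URL layout."""
    return (
        f'<EntityDescriptor xmlns="{MD}" '
        f'entityID="{base_url}/saml/sp/metadata/{tunnel_group}">'
        '<SPSSODescriptor protocolSupportEnumeration='
        '"urn:oasis:names:tc:SAML:2.0:protocol">'
        '<AssertionConsumerService index="0" '
        'Binding="urn:oasis:names:tc:SAML:2.0:bindings:HTTP-POST" '
        f'Location="{base_url}/+CSCOE+/saml/sp/acs?tgname={tunnel_group}"/>'
        '</SPSSODescriptor></EntityDescriptor>'
    )

def sp_identity(metadata_xml):
    """Extract the values an IdP application is bound to."""
    root = ET.fromstring(metadata_xml)
    if root.tag != f"{{{MD}}}EntityDescriptor":
        raise ValueError("not a SAML EntityDescriptor")
    entity_id = root.get("entityID")
    acs = sorted(e.get("Location") for e in root.findall(
        "md:SPSSODescriptor/md:AssertionConsumerService", NS))
    if not entity_id or not acs:
        raise ValueError("metadata lacks entityID or AssertionConsumerService")
    return {
        "entity_id": entity_id,
        "acs": acs,
        "host": urlsplit(entity_id).hostname,
        "tunnel_group": entity_id.rsplit("/", 1)[-1],
    }

def idp_reusable(old_xml, new_xml):
    """Return (reusable, changed_fields) for old vs. new SP metadata."""
    old, new = sp_identity(old_xml), sp_identity(new_xml)
    changed = [k for k in old if old[k] != new[k]]
    return (not changed, changed)

if __name__ == "__main__":
    old_asa = sample_metadata("https://vpn.example.com", "DUO-SAML")
    new_ftd = sample_metadata("https://vpn.example.com", "DUO-SAML")
    renamed = sample_metadata("https://vpn.example.com", "FTD-SAML")
    print(idp_reusable(old_asa, new_ftd))  # same base-url and tunnel-group
    print(idp_reusable(old_asa, renamed))  # tunnel-group renamed on the new device
```

An empty `changed_fields` list means the entity ID and ACS URL presented to the IdP are unchanged; any entry in it names a value that would have to be updated in the IdP application or kept identical on the new device.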