cancel
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
295
Views
1
Helpful
2
Replies

FMC Admin login with MFA

Danny Dulin
Level 1
Level 1

We have successfully tested SSO with MFA logon to the FMC. However, when we attempt to logout, we receive the following message 

You are logged in using SSO provided by Azure. To protect your Firewall Management Center account from unauthorized access, you must separately end your Azure IdP session.

There is a button labeled "Redirect to Azure for Log Out."

Clicking that button redirects me to my MS 365 home page.

Subsequent logon attempts to the FMC allows me right into the console without 1st or 2nd factor authentication. 

I know that this is the basic premise for SSO...but I wanted to know if there was a way to terminate a session so that I am not allowed directly back into the console without being challenged.

2 Replies 2

ccieexpert
Spotlight
Spotlight

Here is one workaround. where would I do this in FMC?

I modified the machine sending the SAML request to use the ForceAuthn=true option which forced all users accessing an authentication portal to authenticate every time without making changes to the conditional access policy.

Review Cisco Networking for a $25 gift card