06-09-2022 04:42 PM
Hi,
I'm trying to set up a SAML-authenticated VPN on my ASA to Microsoft Azure AD. ASA Version: 9.14(2)15 on ASA 5516. AnyConnect Client 4.10 (newest).
Problem: I've followed the Cisco configuration guide for SAML Auth with Azure AD and I can log in to Azure AD. I connect with AnyConnect and choose the profile group that is set up for SAML, the MS login window comes up, and I put in my company email and password. The Microsoft window says I'm logged in and asks me if I want to stay logged in; I say no. Then a browser window opens on my ASA that tells me the URL is forbidden.
What's going on here? I've checked and triple-checked the settings. Any help would be very much appreciated.
Thanks in advance!