Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
516
Views
0
Helpful
4
Replies

Enabling SSO on Expressway E Without SSO Enabled on Internal UCM

Go to solution
vincent.mignano
Level 1
Level 1

‎08-23-2022 07:16 AM

We have recently been asked to by our ISD group to secure our Mobile Remote Access authentication flow. We currently authenticate thru the Expressway E to the C to the UCM with AD integration. We are looking to turn on SSO on the Expressway E to authenticate with an External IdP before going through the Firewall Traversal as it is deemed a security risk not to allow access into the internal network without authentication.

I have read the deployment guide and cant determine if I need to have SSO turned on for the entire UC environment.

Also, the expressway E does not had the MRA Access Control configurations to change it to SSO.

Our UC environment is all 12.5 and our Expressway 14.0.5.

Please assist.

Thanks in advance

Vincent Mignano
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Roger Kallberg
VIP
VIP
In response to vincent.mignano

‎08-23-2022 10:47 AM - edited ‎08-23-2022 11:01 AM

Jabber will detect that SSO is in use without any change to configuration. That is given that you have not altered the default value in the configuration file to turn off SSO on the client side. For more information on what options there are in the configuration file search for Jabber parameter reference guide, it holds all available parameters and an explanation on what each does.



Response Signature


View solution in original post

0 Helpful
4 Replies 4

Go to solution
Roger Kallberg
VIP
VIP

‎08-23-2022 07:40 AM

I’m pretty sure that you’ll need to turn SSO on for your entire CM system, including your MRA system. The best option would be for you to get a service window and test it out yourself to know for sure. On your other part of your question, from what I know you configure this on the C node, not on the E. The E gets this configuration from the C.



Response Signature


0 Helpful

Go to solution
vincent.mignano
Level 1
Level 1
In response to Roger Kallberg

‎08-23-2022 08:27 AM

Hey Roger,

Thanks for the response. One follow up question to that, would we have to change the Jabber desktop application install configuration to recognize SSO or does Jabber do that on its own?

Vincent Mignano
0 Helpful

Go to solution
Roger Kallberg
VIP
VIP
In response to vincent.mignano

‎08-23-2022 10:47 AM - edited ‎08-23-2022 11:01 AM

Jabber will detect that SSO is in use without any change to configuration. That is given that you have not altered the default value in the configuration file to turn off SSO on the client side. For more information on what options there are in the configuration file search for Jabber parameter reference guide, it holds all available parameters and an explanation on what each does.



Response Signature


0 Helpful

Go to solution
vincent.mignano
Level 1
Level 1
In response to Roger Kallberg

‎09-01-2022 12:24 PM

Thanks for the assistance!

Vincent Mignano
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents