cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements

Ask the Expert- SD-WAN

3457
Views
0
Helpful
4
Replies
kpo Beginner
Beginner

AnyConnect clientless and SAML

I have a problem with Anyconnect clientless configuration with SAML. I have correctly configured ConnectionProfile, GroupPolicies and SAML Identity Provider. My Identity Provider is a simpleSAMLphp script.

At logon I am redirected to the AnyConnect login page, and in the ASDM log I get an error:

 

Failed to consume SAML assertion. Reason: The identifier of a provider is unknown to #LassoServer. To register a provider in a #LassoServer object, you must use the lasso_server_add_provider () or lasso_server_add_provider_from_buffer () methods.

 

Regards

Chris

Everyone's tags (4)
1 ACCEPTED SOLUTION

Accepted Solutions
Highlighted
kpo Beginner
Beginner

Re: AnyConnect clientless and SAML

Hi, I made a factory reset and configured from scratch, it works correctly, It works correctly from Cisco Adaptive Security Appliance Software Version 9.9(1)4

4 REPLIES 4
VIP Advisor

Re: AnyConnect clientless and SAML

Hi,

Have you tried to do what it asks:

lasso_server_add_provider ()

lasso_error_t
lasso_server_add_provider (LassoServer *server,
                           LassoProviderRole role,
                           const gchar *metadata,
                           const gchar *public_key,
                           const gchar *ca_cert_chain)
Beginner

Re: AnyConnect clientless and SAML

Those aren't Cisco ASA commands. I suppose that is something Cisco developers would have to do. Cisco documentation isn't very helpful about stating what format the SAML assertion needs to have...

Beginner

Re: AnyConnect clientless and SAML

Were you able to find a resolution to this issue?

Highlighted
kpo Beginner
Beginner

Re: AnyConnect clientless and SAML

Hi, I made a factory reset and configured from scratch, it works correctly, It works correctly from Cisco Adaptive Security Appliance Software Version 9.9(1)4