06-27-2024 08:58 AM
Having an issue getting the SAML configuration working with Entra ID with a new ASA. I have one set up in our other Azure tenant that works fine. It's an older ASAv. I went through the same setup process.
ASA Version: 9.20(2)10
When I am setting up the SSO server on the ASA, it looks like there's a new field that's not on the other one: Local Base URL.
It seems like when I log in, it's not able to contact Entra, because it just prompts for a username and password and doesn't go to Secure Client Login.
In Azure:
EntraID Identifier: https://public.domain.com/saml/sp/metadata/Support
Reply URL: https://public.domain.com/+CSCOE+/saml/sp/acs?tgname=Support
06-27-2024 01:09 PM
Check the example; from 9.18 onwards it's changed:
https://www.securityccie.net/2023/08/07/asa-dns-load-balancing-with-saml/
Check the thread:
https://community.cisco.com/t5/vpn/saml-for-cisco-asa-in-load-balancing-group/td-p/4773002
07-08-2024 01:02 PM