Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
469
Views
1
Helpful
2
Replies

Azure AD with AnyConnect with Multiple SSO servers

jf1134
Level 1
Level 1

‎03-22-2024 11:54 AM

I have setup Azure MFA working with AnyConnect and it works fine. A problem I am having is I have a couple of different profiles that I was hoping to use. I tried in the AnyConnect App in Azure and create some new SAML configurations but the problem is the Entra Identifier is tied to the base URL for one profile

Next I tried and setup a new AnyConnect enterprise app and configured it with a different profile but when I try to set it up on the ASA, it won't let me because the Entra ID is the same

Is there anyway to have multiple ones on the ASA for the SAML server config?

Thanks

Labels:
0 Helpful
2 Replies 2

Pulkit Mittal
Spotlight
Spotlight

‎03-22-2024 02:45 PM

Try the steps mentioned in this article. It should fix the issues.

https://community.cisco.com/t5/security-knowledge-base/anyconnect-vpn-saml-sso-with-azure-idp-multi-tunnel-groups/ta-p/4563095

If you find this useful, please mark it helpful and accept the solution.

jf1134
Level 1
Level 1

‎03-23-2024 02:38 PM

So I have it working right now. The issue is I have a couple different Anyconnect Connection profiles setup on the ASA. It seems like the problem is that even though I create a different enterprise app in Azure they are still using the same Entra Identifier and Cisco won't let me create one that has a different base URL because those are the same.

So basically I need to be able to have different base URL's so that I can use the different profiles that I have setup.

0 Helpful
Customers Also Viewed These Support Documents