Cisco Duo LDAPS migration to SAML with DAPS

LindseyJGreen
Level 1

We currently use Cisco Duo with LDAPS for our SSL VPN clients. On the firewall (ASA5508) we have Dynamic Access Policies in place, allowing certain Active Directory groups access to certain subnets.

When testing moving to SAML (Hybrid AzureAD with on-prem domain controllers) for MFA, this no longer uses DAP.

How can we secure our different networks on a per user basis instead?

Thanks


Salman Mahajan
Cisco Employee

Hi @LindseyJGreen, if my understanding is correct, what you are saying here is that when deploying SAML as authentication for SSL VPN, it does not use DAP (Dynamic Access Policy). It is not true, as DAP applies to all remote access and clientless sessions and cannot be disabled – it is always running from the moment the ASA is powered on.