Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
480
Views
0
Helpful
1
Replies

FTD VPN with Azure SSO Multi-Tunnel Group

thananat.ma
Level 1
Level 1

‎12-27-2023 11:05 PM

Hello, I have a problem with FTD Remote Access. I want to use multiple VPN profiles to separate roles and split tunnel routing for the VPN. And I created additional SSO for the new role and got this error. Not sure if it's a FTD limitation or not

Role A : Need Split tunnel 10.0.0.0/8

Role B : Need Split Tunnel 10.0.0.0/8 , some public ip address

Error Message :

Policy Name: VPN
Summary: Duplicate Identity Provider Entity ID.
Description: Selected Single Sign-on Server objects ( A,B) are having duplicate Identity Provider Entity ID ( https://sts.windows.net/xxx/ ).
Cause: Duplicate Identity Provider Entity ID used in Single Sign-on Server objects.
Action: Please use different Single Sign-on Server objects or configure different Identity Provider Entity ID

0 Helpful
1 Reply 1

Babagbemiga Olla
Level 1
Level 1

‎12-28-2023 01:07 AM

 

To achieve this setup, please confirm that the following steps have been completed:

  1. Created multiple enterprise app on Azure.

  2. Generated a certificate externally and uploaded it to both Azure and FTD. This is necessary because only one certificate can be uploaded to FTD for this purpose.

For additional context, refer to the community forum discussion linked below: https://community.cisco.com/t5/vpn/one-saml-for-2-anyconnect-profiles/td-p/4765122"

0 Helpful
Customers Also Viewed These Support Documents