Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5125
Views
0
Helpful
5
Replies

"Authentication failed due to problem navigating to the single sign-on

naeel
Level 1
Level 1

‎06-05-2023 09:25 AM

 

good afternoon everyone,


last week i replaced our company cisco ASA v9.13 with a new ASA v9.19. I installed all the configuration from the old one on the new ASA. the old ASA worked fine with anyconnect and sso on keykloack. but on the new one the anyconnect doesn't work the sso way anymore. works fine without sso. if I run the windows on an older anyconnect client version 4.10.05***, the sso also works well, but not with new versions and also on the mac os and linux and also not on the browser.

I always get the message : authentication failed due to problem navigating to the single sign-on url

can someone help me here?

naeel_1-1685982264737.png

 

 

Labels:
0 Helpful
5 Replies 5

Salman Mahajan
Cisco Employee
Cisco Employee

‎06-06-2023 11:59 AM

Hello @naeel 

Please confirm which Anyconnect version works with ASAv9.19 and which does not ? 

 

Regards
Salman Mahajan 

0 Helpful

naeel
Level 1
Level 1
In response to Salman Mahajan

‎06-06-2023 12:08 PM

Hi Salman,


I have tried several versions. now i have 4.10.07061, and i have the secure client v 5.**. deversion that works well now is 4.10.05071. mac os and linux doesn't work either.

sso connection works fine with 4.10.05071. if i connect without sso all versions work fine.

0 Helpful

Salman Mahajan
Cisco Employee
Cisco Employee

‎06-06-2023 12:25 PM

Hi @naeel 

Looks like you are hitting this bug as per the symptoms - https://bst.cloudapps.cisco.com/bugsearch/bug/CSCwa31551
It is fixed in Secure Client v5 . For windows you can use Secure Client v5 and for MAC/Linux you will have to go with 4.10.05071 till the time Secure Client becomes available for it . 

Potential Workaround You can try :- Since you have upgraded ASAv to 9.19 , it support external browser for SAML authentication . You can try to use that for Anyconnect instead of Embedded Browser authentication .  

Regards
Salman Mahajan 

0 Helpful

naeel
Level 1
Level 1
In response to Salman Mahajan

‎06-06-2023 12:32 PM

the mac os doesn't work on all versions now and also on the version 4.10.05071. so the mac no longer works on asa 9.19 with sso connection. the windows also does not work on the secur client v5 with sso. If I connect without sso everything works fine

0 Helpful

Aref Alsouqi
VIP
VIP

‎06-15-2023 12:22 PM

I wouldn't go with version 9.19.1 as it is not listed as the recommended release. I think the options you would have would be a) to downgrade to the latest recommended which is 9.18.3, b) to raise a TAC.

0 Helpful
Customers Also Viewed These Support Documents