Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1508
Views
5
Helpful
3
Replies

Require SAML 2.0 for Anyconnect

Go to solution
danielbusisa1410
Level 1
Level 1

‎06-14-2020 07:40 AM

I want to deploy SAML 2.0 on my environment and i am still using anyconnect version 4.1. is it still exist to use SAML 2.0 or any minimum requirement for SAML 2.0 ?

 

Thank you for replying my post.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Rob Ingram
VIP
VIP

‎06-14-2020 08:02 AM

Hi,

You should look to upgrade from AnyConnect 4.1,as it's 5 years old and no further updates will be available.

In addition AnyConnect SAML support was added to allow an AnyConnect 4.4 client to access SAAS-based applications using SAML 2.0. AnyConnect 4.6 introduces an enhanced version of SAML integration with an embedded browser.

 

Reference:-

https://www.cisco.com/c/en/us/td/docs/security/asa/asa97/configuration/vpn/asa-97-vpn-config/webvpn-configure-users.html#topic_3D9C418D1A6D489FBC88F760215AFD26

 

Aside from the additional SAML support on the newer versions, you should look to upgrade to AnyConnect 4.7 minimum as this provides the best peformance of Remote Access VPNs.

 

HTH

 

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Rob Ingram
VIP
VIP

‎06-14-2020 08:02 AM

Hi,

You should look to upgrade from AnyConnect 4.1,as it's 5 years old and no further updates will be available.

In addition AnyConnect SAML support was added to allow an AnyConnect 4.4 client to access SAAS-based applications using SAML 2.0. AnyConnect 4.6 introduces an enhanced version of SAML integration with an embedded browser.

 

Reference:-

https://www.cisco.com/c/en/us/td/docs/security/asa/asa97/configuration/vpn/asa-97-vpn-config/webvpn-configure-users.html#topic_3D9C418D1A6D489FBC88F760215AFD26

 

Aside from the additional SAML support on the newer versions, you should look to upgrade to AnyConnect 4.7 minimum as this provides the best peformance of Remote Access VPNs.

 

HTH

 

0 Helpful

Go to solution
danielbusisa1410
Level 1
Level 1
In response to Rob Ingram

‎06-14-2020 10:31 AM

Hi Rob,

 

Thank you for your answer, 

also i want to ask, i use IOS version 9.5 in my cisco ASA. is still exist for SAML 2.0?

 

Thank you

0 Helpful

Go to solution
Rob Ingram
VIP
VIP
In response to danielbusisa1410

‎06-14-2020 10:44 AM

Hi,

I believe SAML 2.0 was first introduced on ASA v9.7, as per release notes

https://www.cisco.com/c/en/us/td/docs/security/asa/asa97/release/notes/asarn97.html

 

You should probably consider upgrading to a recommended ASA version, version 9.10 or above is recommended for Remote Access VPN performance enhancements (DTLS 1.2).

 

Version 9.12.3 is a current recommended version

https://software.cisco.com/download/home/284143129/type/280775065/release/9.12.3%20Interim

 

HTH

Customers Also Viewed These Support Documents